AI保险顾问
Security checks across malware telemetry and agentic risk
Overview
The reviewed skill artifacts are coherent maintainer and Convex workflow helpers with disclosed commands, safeguards, and no evidence of hidden data theft or destructive automation.
This appears safe to install for users who understand it is a maintainer-oriented skill bundle. Before using it, be aware that moderation and migration workflows can affect production data or accounts, and the autoreview helper may run a nested reviewer with broad local workspace access unless invoked with its safer options.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.