Carbon ESG Analyst
Security checks across malware telemetry and agentic risk
Overview
This is a plain ESG reporting helper with no executable code, install scripts, persistence, credential use, or hidden data movement found.
Before installing, treat this as an analytical drafting aid rather than authoritative legal or compliance advice. Review any company data you provide, and verify emission factors, regulatory claims, and carbon-credit recommendations against current official sources.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.