Energy-Carbon Management Suite
Security checks across malware telemetry and agentic risk
Overview
This is a text-only sustainability reporting skill with no scripts, persistence, hidden behavior, or scanner concerns found.
This skill appears safe to install as an instruction-only assistant skill. Users should still treat uploaded energy bills, fleet records, and supply-chain invoices as sensitive business data, and independently verify any emissions factors, regulatory claims, and carbon market pricing before using outputs for compliance or financial decisions.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.