Credibility Action Gate
Security checks across malware telemetry and agentic risk
Overview
This skill is an analysis-only gate for evaluating uncertain claims before costly actions, and its file access and test execution are disclosed and proportionate to that purpose.
Use this skill as a decision aid for high-impact actions, not as automatic approval. Review the operator policy and lane inputs carefully because the output may influence funding, referrals, approvals, or endorsements, even though the skill itself does not perform those actions.
Publisher note
Analysis-only skill for evaluating whether an uncertain claim record supports a bounded action under an operator policy. Safety posture: - No credentials, secrets, payment execution, or account actions. - No external network calls. - Uses Node.js built-ins only. - Reads local JSON lane/policy files and writes JSON disposition output. - Deterministic coordinator; does not decide mission priority or execute the action. - Fails closed when required lanes are missing, errored, or not applicable. - Includes regression tests covering missing lanes, unsupported action size, lane mismatch, invalid status, hard blockers, and output preservation. Local execution: - Runs `scripts/credibility-coordinator.mjs`. - Test command: `node scripts/test-credibility-coordinator.mjs`.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.