Context Window Economics
Security checks across malware telemetry and agentic risk
Overview
This skill is a disclosed local cost-tracking helper for agent inference costs, with the main caution being that it asks users to install an external PyPI package.
Install only if you want local inference cost metering and settlement reports. Before installing, verify the PyPI package and choose a safe project directory for the `.jsonl` logs; avoid putting secrets, customer names, or sensitive business details into agent IDs or transaction IDs.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.