Api Design Reviewer
Security checks across malware telemetry and agentic risk
Overview
This skill is a local API design review toolkit whose scripts and documentation match its stated purpose and do not show hidden data access or unsafe behavior.
Reasonable to install for API design review. Run the included Python scripts only on API specs you intend to analyze, and remember that private API definitions may contain sensitive endpoint or schema information even though this skill does not transmit them.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.