open-leqi-assistant
Security checks across malware telemetry and agentic risk
Overview
The supplied scan signals show no concrete security issue, but the target artifact files were not available for a full independent artifact review.
Available telemetry does not show a reason to block installation. Because the actual target files were not available for independent review, inspect the skill metadata and instructions before installing, and only provide credentials or private data when they clearly match the skill's stated purpose.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.