12 Factor Apps Analysis
Security checks across malware telemetry and agentic risk
Overview
This is a text-only skill that guides a codebase review against the 12-Factor App methodology, with no hidden execution or persistence.
Installers should point this skill only at the repository they intend to review, since it may read private project files while collecting evidence. The referenced `12-factor-apps` helper skill should be reviewed separately if the agent uses it.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
65/65 vendors flagged this skill as clean.