Swift Testing Code Review

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only Swift Testing code review skill with scoped review instructions and no executable or persistent behavior.

Install is reasonable if you want review assistance for Swift Testing code. Expect the agent to read the Swift files you ask it to review and possibly load its local markdown references; it should not run code, modify files, access credentials, or contact external services as part of this skill.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Low

Confidence: 93% confidence
Finding: The description says to use the skill when reviewing .swift files with common Swift Testing markers like `@Test` or `#expect`, but it does not clearly define when the skill should not be invoked or provide negative examples. Because these markers may appear in varied contexts, the activation scope is somewhat ambiguous for a manifest/markdown description.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal