Secrets Scanner
Security checks across malware telemetry and agentic risk
Overview
This instruction-only AWS secrets scanner is mostly coherent, but one sample AWS command can expose Lambda environment variable values despite saying to share names only.
Review before installing. Use only redacted files and outputs, and do not paste raw Lambda configuration or environment variable values. If using the Lambda example, change the query to return variable names only and restrict AWS read permissions to the specific resources you intend to inspect.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.