Nm Conserve Token Conservation
Security checks across malware telemetry and agentic risk
Overview
This skill is a markdown-only workflow for limiting context usage and does not request hidden access, code execution, credentials, or data exfiltration.
Installing this should mainly make the agent more conservative about context and file reads. Expect it to add quota checks and possibly ask before loading more files; review that workflow preference, but there is no artifact-backed security concern.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.