Nm Leyline Pytest Config

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only pytest setup skill whose examples fit its testing and CI purpose, with minor trigger-scope caveats.

Install this if you want pytest configuration guidance for Python projects. Before copying snippets, review the GitHub Actions workflow, Codecov upload, pip install command, and git helper fixtures against your repository's CI and security practices.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 92% confidence
Finding: The trigger list contains broad generic terms like "testing," "configuration," and "fixtures," which can cause the skill to be invoked in contexts far beyond its intended pytest-specific use. This is not a code-execution flaw, but it can increase accidental activation, leading agents to apply irrelevant guidance or expose unnecessary skill content in unrelated workflows.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal