Nm Leyline Supply Chain Advisory

Security checks across malware telemetry and agentic risk

Overview

This is a markdown-only supply-chain security guidance skill with no executable installer or hidden runtime behavior found.

This skill appears suitable to install if you want supply-chain incident-response checklists and scanning patterns. Review commands before running them because some examples search broad local directories, modify dependency files, reinstall environments, or require credential rotation during a real incident.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Low

Confidence: 81% confidence
Finding: This markdown file instructs the reader to remove artifacts, regenerate lockfiles, reinstall environments, and rotate all accessible credentials, but it does not explicitly warn that these actions can alter or destroy evidence, disrupt systems, or require coordination before execution. Although the file is clearly about incident response, the remediation section would be safer with a concise caution that these steps modify environments and should be performed deliberately after preservation needs are assessed.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal