Nm Pensive Blast Radius
Security checks across malware telemetry and agentic risk
Overview
This skill is a disclosed code impact-analysis helper that runs local repository inspection commands and does not show hidden, destructive, or data-exfiltrating behavior.
Install only if you are comfortable with the agent running local analysis commands in the repository where you invoke it. If gauntlet is installed, review and trust that plugin as well because this skill may call its graph_query.py helper; otherwise it falls back to git, rg, grep, or sem-based analysis.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.