Nm Pensive Code Refinement

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed code-refinement helper that scans project source code for quality issues and does not show hidden, destructive, or data-exfiltrating behavior.

Install this only if you want an agent to inspect source code in the active project and possibly produce reports with code snippets. Review optional Night Market/Claude Code plugin integrations separately before enabling them, and keep generated reports private when working with proprietary code.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 95% confidence
Finding: This manifest-style markdown front matter defines triggers such as "refactoring," "algorithms," "craft," and "anti-slop" without clear scope constraints or exclusion conditions. Several of these are generic terms that could match common discussion about code or quality, increasing the chance of unintended invocation.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal