MayGuard

Security checks across malware telemetry and agentic risk

Overview

MayGuard is a local, user-run scanner for other skill folders, with no evidence of hidden network access, persistence, credential theft, or file modification.

Install only if you want a lightweight local scanner for downloaded skill folders. Run it against the specific skill directory you intend to inspect, not your home directory or broad private folders, and treat its SAFE result as a heuristic rather than a guarantee.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 86% confidence
Finding: The skill explicitly states that auditing may inspect sensitive artifacts like .env files, SSH keys, and config files, but it does not warn users or define safeguards for handling secrets. This creates a real risk of unnecessary exposure of confidential data during scans, especially if findings are logged, summarized, or shared with other tools.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal