Security audit
Skill Vetter Bwm
Security checks across malware telemetry and agentic risk
Overview
This skill is a checklist for reviewing other skills before installation and does not include executable code or hidden setup behavior.
Reasonable to install as a checklist aid. Treat it as guidance rather than a complete security scanner, verify publisher identity when provenance matters, and note that its sample commands make network requests to GitHub if you choose to run them.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.
Static analysis
No suspicious patterns detected.
