Back to skill

Security audit

Wolverine — Self-Healing Process Manager

Security checks across malware telemetry and agentic risk

Overview

This skill is coherent with its self-healing purpose, but it asks for enough code-changing and process-control authority that users should review it carefully before installing.

Install only after reviewing or pinning the npm package version and testing in a staging workspace. Confirm whether every code change and operational command requires explicit approval, how to disable healing, where memory and backups are stored, and that rollback works before letting it supervise important projects.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.