Security audit
Wolverine — Self-Healing Process Manager
Security checks across malware telemetry and agentic risk
Overview
This skill is coherent with its self-healing purpose, but it asks for enough code-changing and process-control authority that users should review it carefully before installing.
Install only after reviewing or pinning the npm package version and testing in a staging workspace. Confirm whether every code change and operational command requires explicit approval, how to disable healing, where memory and backups are stored, and that rollback works before letting it supervise important projects.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.
Static analysis
No suspicious patterns detected.
