rag-knowledge-curator
Security checks across malware telemetry and agentic risk
Overview
This is a text-only RAG document-cleaning skill that processes user-provided content and does not install code, run commands, or request credentials.
Safe to install for document-cleaning and RAG preparation workflows. Treat pasted enterprise documents as sensitive, review generated chunks before sending them to any embedding or vector database pipeline, and keep credentials only in the external tools that perform ingestion.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.