Threat Modeling Expert
Security checks across malware telemetry and agentic risk
Overview
This is an instruction-only defensive threat-modeling skill with no code execution, credential handling, persistence, or hidden behavior found.
Safe to install for defensive security planning. Users should provide only systems and architecture details they are authorized to review, and should treat the output as planning guidance rather than a legal compliance certification.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.