Security audit
Pipeworx advice
Security checks across malware telemetry and agentic risk
Overview
This is a narrow advice-fetching skill that calls a public API and does not request credentials, persistence, or broad local access.
Before installing, be comfortable with sending advice searches to the Pipeworx gateway. Prefer direct curl usage for minimal local execution; the optional MCP configuration uses npx and mcp-remote@latest, which requires trusting npm package execution.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
51/51 vendors flagged this skill as clean.