Security audit
Pipeworx Govcon Analyst
Security checks across malware telemetry and agentic risk
Overview
This skill is a disclosed connector for government-contracting research that uses a remote Pipeworx MCP gateway and does not request local code execution, credentials, or elevated access.
Install only if you are comfortable sending GovCon searches, contractor names, opportunity interests, and related analysis prompts to the Pipeworx MCP gateway. Avoid storing confidential procurement strategy or sensitive business findings with remember/recall unless you intend them to persist.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
63/63 vendors flagged this skill as clean.