Pre Commit Config Validator
Security checks across malware telemetry and agentic risk
Overview
This is a local pre-commit configuration checker that reads user-specified YAML files and reports validation results without hidden network, credential, persistence, or destructive behavior.
Reasonable to install if you want a local helper for checking pre-commit YAML files. As with any local script, run it only on files you intend to inspect and review the publisher or code first for sensitive workflows.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.