
Security audit

Codebase Stats

Security checks across malware telemetry and agentic risk

Overview

This is a local code metrics tool that reads a chosen project and can optionally save a report, with no evidence of hidden network use, credential access, persistence, or destructive behavior.

Install only if you trust the publisher/source. Run it against specific code folders you intend to analyze, avoid broad home or secrets-containing directories, and choose --output filenames carefully because an existing file at that path can be overwritten.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Description-Behavior Mismatch

Medium
Confidence: 88%
Finding
The skill can write its generated report to any user-supplied path via --output, which exceeds a purely read-only analysis capability and creates a file-modification primitive. In an agent setting, this can overwrite existing files, place content in sensitive locations, or be chained with other behaviors to tamper with a repository or local environment.

Vague Triggers

Medium
Confidence: 82%
Finding
The trigger phrases are broad and overlap with common development requests such as 'code analysis', 'project metrics', and 'code quality', which can cause the skill to activate in contexts where the user did not intend filesystem analysis. Because the skill can read a codebase and write reports, over-broad invocation increases the chance of unnecessary file access or unintended execution in adjacent workflows.

VirusTotal

66/66 vendors flagged this skill as clean.
