Pesticide

Security checks across malware telemetry and agentic risk

Overview

This skill is a static pesticide reference run by a local shell script, with no evidence of hidden data access, persistence, networking, or unsafe system behavior.

Install only if you are comfortable running a local bash script that prints pesticide reference material. Before acting on any product choice, rate, interval, residue, safety, or compliance information, verify the current product label, SDS, and applicable local/state/national regulations, and consult a qualified applicator or agronomist for location-specific decisions.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The skill provides operational pesticide selection, rate, application, safety, and compliance guidance without an explicit warning that users must follow the legally binding product label and local regulations before any real-world use. In an agriculture context, omission of that warning can lead users to treat the skill as sufficient authority, increasing the risk of unsafe application, residue violations, crop damage, environmental harm, and human exposure.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal