Security audit
Websocket Patterns
Security checks across malware telemetry and agentic risk
Overview
This is a written WebSocket/SSE design guide and does not run code, request credentials, or change the user’s system.
Safe to install as a reference skill. It may guide an agent to discuss security-sensitive realtime architecture topics such as JWTs, cookies, authorization, and abuse controls, but the skill itself is documentation only and does not access secrets or perform actions.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
- Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
- Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
- Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.
