Grounding Practices
Security checks across malware telemetry and agentic risk
Overview
This is an instruction-only grounding guide that may shape agent behavior, but it does not include code, hidden automation, credential access, or data exfiltration.
Install this if you want a recurring grounding and self-check prompt for your agent. Review the startup/heartbeat suggestions first, because enabling them broadly can affect every session, and verify the source/version if exact provenance matters.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.