Data Type Classifier

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a straightforward construction-data classifier with only ordinary local file/export behavior.

Safe to install for its stated purpose. Use it with construction/project files you intend to analyze, review export locations before writing reports, and note that the included sample saves classification_report.md in the working directory.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Natural-Language Policy Violations

Low

Confidence: 78% confidence
Finding: The book reference includes a Russian title first ("Типы данных в строительстве") alongside the English translation, but the document does not state whether the skill expects or prefers Russian-language inputs or outputs, nor does it offer a user language choice. Under the language/locale policy, unexplained language steering in natural-language instructions can be a policy concern when not clearly justified.

Unrestricted Tool Access

Medium

Category: Excessive Agency
Content: - **Format:** {c.detected_format.value} - **Structure:** {c.structure.value} - **Storage:** {c.storage_recommendation.value} - **Tools:** {', '.join(c.processing_tools[:3])} - **Confidence:** {c.confidence:.0%} """
Confidence: 85% confidence
Finding: Tools:*

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal