企业-产学研合作与研发评估
Security checks across malware telemetry and agentic risk
Overview
This is a public-information research workflow for evaluating company-university R&D partnerships, with no executable code, credential use, persistence, or local data access.
This skill appears safe to install from a security perspective. It needs web-search capability and produces business or investment-style judgments from public sources, so users should verify important diligence, investment, or procurement decisions against primary sources and ask for their preferred response language if needed.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.