Codifica
Security checks across malware telemetry and agentic risk
Overview
Codifica is an instruction-only coordination skill that uses Git-tracked text files as shared task memory, with the main risks clearly tied to that stated purpose.
Use this skill only in repositories where you want agents to coordinate through Git-tracked Codifica files. Review codifica.json, the referenced spec, file scope, and task state before use; avoid storing secrets or private information in task notes; and use branches, protected remotes, or limited Git credentials where automatic commits and pushes should be controlled.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
- Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
- Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
- Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.
