Security audit
Freight Broker — Shipper/Carrier Principal-Agent Balance
Security checks across malware telemetry and agentic risk
Overview
The reviewed artifacts show disclosed, purpose-aligned operational skills rather than hidden or malicious behavior.
Install only in environments where the listed operational integrations and credentials are intended. Review configured tokens and shared-memory remotes before use, and keep the documented confirmation steps for moderation, email, production release, and other write actions.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.
Static analysis
No suspicious patterns detected.
