Security audit
Surgical Contributor (Minimal Diff PR Skill)
Security checks across malware telemetry and agentic risk
Overview
This is a straightforward workflow skill for making small, tested repository fixes, with no evidence of hidden execution, credential access, persistence, or data exfiltration.
Install this if you want an assistant workflow for small, disciplined code fixes. Because the skill is designed to modify project files and tests, review the resulting diff and verification output before committing, merging, or publishing changes.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.
Static analysis
No suspicious patterns detected.