Zero Trust Protocol - Security-First Agent Guidelines

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only security guidance skill that asks agents to verify risky actions before proceeding and does not add executable code or hidden access.

Reasonable to install if you want your agent to be more cautious about links, package installs, credentials, uploads, and other external actions. Treat it as behavioral policy rather than automatic enforcement, and review the credential storage suggestions so they match your own secret-management practices.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep

VirusTotal

66/66 vendors flagged this skill as clean.