Security audit
Supplier Assessment
Security checks across malware telemetry and agentic risk
Overview
This skill is a structured supplier-review assistant that stays within its stated purpose and does not show hidden data access or unsafe behavior.
Before installing, users should understand that supplier scores and summaries are generated as decision support only and must be reviewed by an authorized evaluator. Do not provide supplier or business data that should not be used in the assessment, and expect that report generation may require a separate script or manual output handling because the referenced build script is not included in the artifact.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.
Static analysis
No suspicious patterns detected.
