Back to skill

Security audit

Supplier Assessment

Security checks across malware telemetry and agentic risk

Overview

This skill is a structured supplier-review assistant that stays within its stated purpose and does not show hidden data access or unsafe behavior.

Before installing, users should understand that supplier scores and summaries are generated as decision support only and must be reviewed by an authorized evaluator. Do not provide supplier or business data that should not be used in the assessment, and expect that report generation may require a separate script or manual output handling because the referenced build script is not included in the artifact.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.