explain-code
Security checks across malware telemetry and agentic risk
Overview
This skill appears to only guide an agent in explaining code and does not show execution, persistence, data access, or exfiltration behavior.
This appears safe to install as a code-explanation helper. As with any explanatory skill, review its advice before applying changes to real code, but there is no artifact-backed evidence here of hidden execution, data collection, or account-impacting behavior.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.