Security audit
Ad Filing Compliance Helper
Security checks across malware telemetry and agentic risk
Overview
This skill is low-risk because it only contains a short compliance-helper instruction file and no executable code, though its example command points to a script that is not included.
Safe to install from a security perspective based on the available artifact. Before relying on it for real advertising filings, confirm whether the missing check.py exists elsewhere and review any future added code, especially because compliance guidance can affect regulated business decisions.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
65/65 vendors flagged this skill as clean.