Audit
Security checks across malware telemetry and agentic risk
Overview
This knowledge-base audit skill is mostly coherent, but it can run an unreviewed project script during link checking.
Install only if you are comfortable with the agent reading markdown in the current project. For safer use, run it from the intended knowledge-base directory and explicitly tell the agent not to execute any link-checking script unless you have reviewed and approved that script first.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
- Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
- Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
- Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.
