FOSMVVM SwiftUI View Generator

Security checks across malware telemetry and agentic risk

Overview

This is a focused SwiftUI code-generation skill with no evidence of hidden execution, credential use, persistence, or data exfiltration.

Before installing, understand that generated code may reflect prior conversation or loaded specification content. Use it with scoped project context, avoid including secrets or proprietary details that should not appear in output, and review generated SwiftUI files before committing.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Low

Confidence: 88% confidence
Finding: The skill explicitly states it will use prior conversation context and specification files automatically when generating code, but it does not warn that those sources may contain sensitive, proprietary, or irrelevant data that could be echoed into generated output. In an agent setting, implicit context ingestion increases the risk of unintended data disclosure, especially when users do not realize that previously shared material may be incorporated into files the skill produces.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal