Back to skill

Security audit

Virtual Intelligent Dev Team

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed software-workflow routing skill with opt-in automation guardrails and no bundled executable code or hidden data access.

Install only if you want a structured software-delivery workflow router. Treat /auto, Git, release, and resume commands as actions that can affect a repository: review generated plans first, confirm before running project scripts, and be aware that some referenced scripts may not be included in the skill package.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Autonomous Decision Making

Medium
Category
Excessive Agency
Content
# Auto Run Playbook

`/auto` 是 `virtual-intelligent-dev-team` 的显式自动运行协议。
Confidence
88% confidence
Finding
Auto Run

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.