Security audit
DW-Copilot
Security checks across malware telemetry and agentic risk
Overview
This is a text-only data warehouse workflow skill with disclosed approval steps, but users should scope credentials and review generated warehouse code before running it.
Install only if you want a guided data warehouse SDD workflow. Use read-only or least-privileged metadata credentials, prefer environment variables for secrets, avoid saving cookies or keytabs in project files, limit table and HDFS collection scope, and review generated DDL, INSERT OVERWRITE SQL, and scheduler configs in a development environment before production use.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
65/65 vendors flagged this skill as clean.