Contract
Security checks across malware telemetry and agentic risk
Overview
This contract-drafting skill is coherent and locally scoped, but it can store sensitive contract details in files on the user's machine.
Install only if you are comfortable with an agent creating and maintaining contract drafts, notes, and metadata under ~/contracts/. Avoid entering unnecessary sensitive legal or financial details, protect that folder, and have important contracts reviewed by a licensed attorney before signing.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.