Marketplace
Security checks across malware telemetry and agentic risk
Overview
This is a documentation-only marketplace advice skill with no executable code, install actions, credential use, or hidden persistence identified.
Installers should understand that the skill may prompt the agent to look up current marketplace prices, fees, and platform rules. Treat legal, tax, purchasing, listing, and account-risk advice as guidance to verify, and require explicit user approval before any real-world transaction or account change.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.