AgentPin
Security checks across malware telemetry and agentic risk
Overview
AgentPin is a documentation-only skill for cryptographic agent identity verification, with sensitive key and credential examples that fit its stated purpose.
Before installing or following the examples, verify that any external AgentPin packages come from the intended maintainer, pin dependency versions, keep generated private keys out of source control, use short-lived least-privilege credentials, and understand how TOFU pins or trust bundles are reviewed, rotated, or reset.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
- Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
- Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
- Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
65/65 vendors flagged this skill as clean.
