Pattern Mine

Security checks across malware telemetry and agentic risk

Overview

Pattern Mine is a read-only code analysis skill for finding repeated or divergent code patterns, with no evidence of hidden execution, network use, persistence, or credential handling.

Install only for repositories you are authorized to analyze. Expect the agent to read enough source code to compare patterns across files, and review any refactoring recommendations before asking the agent to make changes.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 87% confidence
Finding: The invocation guidance is broad and maps to common developer workflows such as onboarding, refactoring, sprint planning, code review, and quarterly health checks. In an agent ecosystem, this increases the chance the skill is auto-selected or over-invoked in situations where the user did not explicitly request cross-codebase semantic analysis, which can create unnecessary exposure of repository context and reduce user control.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal