审核质检
Security checks across malware telemetry and agentic risk
Overview
The skill is self-contained and shows no exfiltration or malware behavior, but its advertised automated quality/compliance review is only random mock output while it can create approval/rejection review records in bulk.
Review before installing if you expect real automated quality or compliance checks. Treat the automatic score as a placeholder, and do not let an agent approve, reject, or enforce ad-material decisions based only on this skill’s automated output; use the manual and batch workflow only when the target materials are explicitly specified.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.