Word Count
Security checks across malware telemetry and agentic risk
Overview
The skill artifacts I could inspect are coherent with developer or maintainer workflows and do not show hidden exfiltration, deception, or unsafe automatic behavior.
Install only if you intend to use these developer or maintainer workflows. Review the commands before running them, especially moderation actions, GitHub publishing, and the autoreview helper; use dry-run or no-bypass options where available and rely on your own authenticated accounts and normal audit controls.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
65/65 vendors flagged this skill as clean.