Back to skill

Security audit

Backend Engineer

Security checks across malware telemetry and agentic risk

Overview

This is a broad backend engineering guidance skill with some powerful DevOps examples, but the behavior is disclosed, purpose-aligned, and not self-executing.

Install only if you want broad backend and DevOps guidance. Treat any Kubernetes, Terraform, deployment, payment, or hook-bypass examples as commands that require your explicit approval, appropriate permissions, and your organization’s change-control process.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Tool MisuseTool Parameter Abuse, Chaining Abuse, Unsafe Defaults
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Tool Parameter Abuse

High
Category
Tool Misuse
Content
**Automate repetitive dev tasks:**
- Pre-commit hooks (Husky, pre-commit, lefthook): lint, format, type-check, run
  fast unit tests. Do not run slow integration tests in pre-commit.
- Pre-push hooks: run full test suite. Can be skipped with `--no-verify` in emergencies.
- Commit message linting (commitlint, conventional commits): enforce `type(scope):
  description` format. Enables automated changelog generation and semantic versioning.
- Generate boilerplate: `make new-service name=payments` creates the directory structure,
Confidence
84% confidence
Finding
--no-verify

Tool Parameter Abuse

High
Category
Tool Misuse
Content
- `kubectl top pod` — current CPU/memory usage. Compare to requests/limits.

**Network/DNS troubleshooting:**
- `kubectl run debug --image=nicolaka/netshoot --rm -it -- /bin/bash` — throwaway
  debug pod with networking tools.
- From debug pod: `dig <service>.<namespace>.svc.cluster.local` — does CoreDNS resolve
  the service? Check `/etc/resolv.conf` for `ndots` issue (default ndots:5 means
Confidence
71% confidence
Finding
rm -it -- /bin/

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.