Smart Context
Security checks across malware telemetry and agentic risk
Overview
The skill appears to be a disclosed efficiency aid for reducing token use and context overhead, with no evidence of credential use, persistence, exfiltration, or destructive behavior.
This looks appropriate to install if you want the agent to be more concise and conservative with context. Review its instructions for how aggressively it may shorten responses or defer context loading, since that can affect answer detail, but there is no evidence of hidden access or high-impact authority.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
65/65 vendors flagged this skill as clean.