Security audit

Code Quality Guardian

Security checks across malware telemetry and agentic risk

Overview

This is a code-quality scanning skill that reads user-selected code, runs expected local analysis tools, and writes optional reports without evidence of hidden data theft or destructive behavior.

Install only if you are comfortable with a local analyzer reading the project path you give it and invoking installed lint/security tools. Prefer using it in a project-scoped environment, pin dependencies before CI use, and be careful opening generated HTML reports for untrusted repositories.

SkillSpector

By NVIDIA

Vulnerability Patterns

Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration

Findings (19)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 88% confidence
Finding: The skill advertises and demonstrates capabilities that imply shell execution, filesystem access, and environment interaction, but it does not declare any permissions or constraints. This creates a trust and policy gap: downstream systems or users may approve the skill without understanding that it can run tooling against local code, read project files, write reports, and potentially access sensitive environment data.

Context-Inappropriate Capability

Medium

Confidence: 94% confidence
Finding: The check command will execute any program name supplied by the user via shutil.which(tool_name) and subprocess.run([tool_name, "--version"]). In a code-quality tool, this creates unnecessary execution capability that can run attacker-controlled binaries from PATH or trusted-looking local environments, expanding the skill beyond its stated purpose.

Unpinned Dependencies

Low

Category: Supply Chain
Content: # Core dependencies # 核心依赖 click>=8.0.0 pyyaml>=6.0 colorama>=0.4.6 tabulate>=0.9.0
Confidence: 87% confidence
Finding: click>=8.0.0

Unpinned Dependencies

Low

Category: Supply Chain
Content: # Core dependencies # 核心依赖 click>=8.0.0 pyyaml>=6.0 colorama>=0.4.6 tabulate>=0.9.0 jinja2>=3.1.0
Confidence: 95% confidence
Finding: pyyaml>=6.0

Unpinned Dependencies

Low

Category: Supply Chain
Content: # 核心依赖 click>=8.0.0 pyyaml>=6.0 colorama>=0.4.6 tabulate>=0.9.0 jinja2>=3.1.0
Confidence: 84% confidence
Finding: colorama>=0.4.6

Unpinned Dependencies

Low

Category: Supply Chain
Content: click>=8.0.0 pyyaml>=6.0 colorama>=0.4.6 tabulate>=0.9.0 jinja2>=3.1.0 # Python code quality tools
Confidence: 84% confidence
Finding: tabulate>=0.9.0

Unpinned Dependencies

Low

Category: Supply Chain
Content: pyyaml>=6.0 colorama>=0.4.6 tabulate>=0.9.0 jinja2>=3.1.0 # Python code quality tools # Python 代码质量工具
Confidence: 94% confidence
Finding: jinja2>=3.1.0

Unpinned Dependencies

Low

Category: Supply Chain
Content: # Python code quality tools # Python 代码质量工具 flake8>=6.0.0 pylint>=2.17.0 bandit[toml]>=1.7.0 radon>=6.0.0
Confidence: 82% confidence
Finding: flake8>=6.0.0

Unpinned Dependencies

Low

Category: Supply Chain
Content: # Python code quality tools # Python 代码质量工具 flake8>=6.0.0 pylint>=2.17.0 bandit[toml]>=1.7.0 radon>=6.0.0 xenon>=0.9.0
Confidence: 82% confidence
Finding: pylint>=2.17.0

Unpinned Dependencies

Low

Category: Supply Chain
Content: flake8>=6.0.0 pylint>=2.17.0 bandit[toml]>=1.7.0 radon>=6.0.0 xenon>=0.9.0 # Type checking
Confidence: 81% confidence
Finding: radon>=6.0.0

Unpinned Dependencies

Low

Category: Supply Chain
Content: pylint>=2.17.0 bandit[toml]>=1.7.0 radon>=6.0.0 xenon>=0.9.0 # Type checking # 类型检查
Confidence: 81% confidence
Finding: xenon>=0.9.0

Unpinned Dependencies

Low

Category: Supply Chain
Content: # Type checking # 类型检查 mypy>=1.0.0 # Security scanning # 安全扫描
Confidence: 83% confidence
Finding: mypy>=1.0.0

Unpinned Dependencies

Low

Category: Supply Chain
Content: # Security scanning # 安全扫描 safety>=2.3.0 # JavaScript/TypeScript support (optional) # JavaScript/TypeScript 支持（可选）
Confidence: 90% confidence
Finding: safety>=2.3.0

Unpinned Dependencies

Low

Category: Supply Chain
Content: # Report generation # 报告生成 markdown>=3.4.0 # Development dependencies # 开发依赖
Confidence: 86% confidence
Finding: markdown>=3.4.0

Unpinned Dependencies

Low

Category: Supply Chain
Content: # Development dependencies # 开发依赖 pytest>=7.0.0 pytest-cov>=4.0.0 black>=23.0.0 isort>=5.12.0
Confidence: 80% confidence
Finding: pytest>=7.0.0

Unpinned Dependencies

Low

Category: Supply Chain
Content: # Development dependencies # 开发依赖 pytest>=7.0.0 pytest-cov>=4.0.0 black>=23.0.0 isort>=5.12.0
Confidence: 80% confidence
Finding: pytest-cov>=4.0.0

Unpinned Dependencies

Low

Category: Supply Chain
Content: # 开发依赖 pytest>=7.0.0 pytest-cov>=4.0.0 black>=23.0.0 isort>=5.12.0 # Utility
Confidence: 89% confidence
Finding: black>=23.0.0

Unpinned Dependencies

Low

Category: Supply Chain
Content: pytest>=7.0.0 pytest-cov>=4.0.0 black>=23.0.0 isort>=5.12.0 # Utility # 工具
Confidence: 80% confidence
Finding: isort>=5.12.0

Unpinned Dependencies

Low

Category: Supply Chain
Content: # Utility # 工具 pathspec>=0.11.0 tomli>=2.0.0;python_version<"3.11"
Confidence: 81% confidence
Finding: pathspec>=0.11.0

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

Detected: suspicious.dynamic_code_execution

Dynamic code execution detected.

Critical

Code: suspicious.dynamic_code_execution
Location: tests/test_quality_checker.py:94