Security embedded Dev
Security checks across malware telemetry and agentic risk
Overview
This is a read-only defensive review checklist for AI model supply-chain security and does not install code or request sensitive access.
Install this skill when you want an agent to perform a structured, read-only review of ML model supply-chain risks. It may inspect project files for model sources, dataset references, dependency manifests, and related security controls, so use it only on repositories you are authorized to review.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.