Joycode

Security checks across malware telemetry and agentic risk

Overview

This appears to be a disclosed coding-assistant skill whose file-editing mode is powerful but aligned with its stated purpose.

Install only if you want a coding assistant that may run terminal workflows and, in full-auto mode, edit project files. Use version control, review diffs after use, and avoid full-auto on sensitive repositories unless you are comfortable with autonomous code changes.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (2)

Vague Triggers

Medium

Confidence: 89% confidence
Finding: The skill description is broadly scoped to common coding, code review, and terminal assistance requests, making it likely to activate in many ordinary situations. Overbroad triggering increases the chance that a shell-capable coding agent is invoked without clear user intent or adequate safeguards, which can lead to unintended command execution or autonomous actions.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The documentation advertises a full-auto mode that allows file editing but does not prominently warn users about the risks of autonomous code changes. In a shell-driven skill, this can cause unexpected modification of source files, tests, configs, or scripts, especially if users interpret the example as a routine safe workflow.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal