Back to skill

Security audit

Dependency Vulnerability Scanner / 依赖漏洞扫描器

Security checks across malware telemetry and agentic risk

Overview

The skill is mostly a dependency-audit guide, but it tells agents to run an automatic dependency fix command without clear safeguards or scope.

Install only if you are comfortable with a skill that may steer an agent toward automatic dependency updates. Prefer running scan/report behavior first, review proposed changes manually, and use auto-fix only in a branch or disposable workspace with tests available.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium
Confidence
90% confidence
Finding
The skill is described as a scanner that generates fix commands, but the example usage additionally promotes `dvs fix --auto`, which implies automatic modification of project dependencies. This mismatch can cause users or downstream agents to invoke a state-changing operation they did not explicitly consent to, potentially altering builds, introducing regressions, or masking what actions will be taken.

Intent-Code Divergence

Medium
Confidence
88% confidence
Finding
The skill overview emphasizes reporting and generating fix commands, but the workflow example escalates to automatic remediation without clearly distinguishing scanning from mutation. In an agent context, that ambiguity is dangerous because an autonomous system may interpret the documentation as authorization to change dependency manifests or lockfiles automatically.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The documented auto-fix command modifies dependencies without any warning about disruptive outcomes such as breaking API changes, lockfile churn, failed builds, or supply-chain risk from unintended upgrades. Because dependency updates directly affect application behavior and trust boundaries, encouraging one-command automatic fixes without safeguards increases the chance of unsafe or destabilizing changes.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.