Back to skill

Security audit

ts4

Security checks across malware telemetry and agentic risk

Overview

This skill is a small, disclosed testing helper with execution permission, but its included script only prints fixed status messages and shows no harmful behavior.

Install only if you are comfortable giving this skill local command execution permission. The current files look harmless and very limited, but the project has little external provenance and appears more like a placeholder than a full testing framework.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.