Security audit
AI 网站上线助手
Security checks across malware telemetry and agentic risk
Overview
This skill is a deployment-audit helper that is clear about inspecting a local project, avoiding secrets, and only uploading static publishable files under scoped conditions.
Before installing, understand that this skill is meant to read your local project structure and source evidence for deployment analysis. Only use the static upload path when you are comfortable sending the selected publishable site files to the configured Coze transfer endpoint, and review the generated dossier and manifest to confirm no secrets or unintended files are included.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.
Static analysis
No suspicious patterns detected.
