Agentic Governance
Security checks across malware telemetry and agentic risk
Overview
This is a disclosed, instruction-only governance skill that writes expected workspace state and does not request credentials, network access, or hidden code execution.
Before installing, confirm the package namespace and version are the intended ones. Use it in trusted workspaces, review changes under output/governance/, output/constraints/, and agentic/INDEX.md, and remember that HEARTBEAT checks may update governance reports during periodic maintenance.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.