Security audit
Golden Master
Security checks across malware telemetry and agentic risk
Overview
Golden Master appears to be a local documentation staleness checker that reads repository files and produces checksum metadata, with no supported malicious or review-worthy behavior.
Before installing, be comfortable with the skill reading repository files to compare documentation and generating checksum metadata comments when you ask it to. It should not need credentials, network access, background workers, or automatic file edits for its stated purpose.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.
Static analysis
No suspicious patterns detected.
