Supplier Scorecard

Security checks across malware telemetry and agentic risk

Overview

This is a text-only supplier scoring guide that may use private business records as inputs but does not install code, persist data, or automate purchases.

Install if you want structured supplier review support. Use redacted or minimal excerpts from emails and chats, follow company confidentiality rules, and keep final supplier switching, purchasing, or negotiation decisions under human review.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Low

Confidence: 83% confidence
Finding: This markdown file directs the user to compile order history, email, and chat logs as evidence for scoring suppliers. Because those sources can contain personal, confidential, or commercially sensitive information, the description should include a brief warning about handling sensitive data appropriately.

VirusTotal

53/53 vendors flagged this skill as clean.

View on VirusTotal