Model Checker

Security checks across malware telemetry and agentic risk

Overview

This skill simply fetches a disclosed list of internal AI models from one stated company API endpoint, with no evidence of hidden local access or persistence.

Before installing, confirm you trust the publisher and that your environment is allowed to contact the disclosed company API domain. The single VirusTotal detection is worth noting, but the reviewed files do not show hidden data access, credential use, persistence, or destructive behavior.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep

VirusTotal

1/65 vendors flagged this skill as malicious, and 64/65 flagged it as clean.
