Aleph Alpha
Security checks across malware telemetry and agentic risk
Overview
No scanner or workspace evidence showed hidden, destructive, or purpose-mismatched behavior, but the actual skill artifact was not available for direct review.
Reasonable to install based on the available signals, but because the artifact files were not present for direct inspection in this workspace, review the skill's visible instructions and any install-time files before granting credentials, write access, or automation privileges.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
65/65 vendors flagged this skill as clean.