Game Architecture Maintainability Audit

Security checks across malware telemetry and agentic risk

Overview

This skill is a scoped game-code audit helper that reads project files and writes three disclosed audit documents, with no scripts, dependencies, credential use, or hidden behavior found.

Install this if you want an agent to inspect a game project and generate maintainability audit files. Run it on a branch or review the generated docs before committing, since it is intended to modify files under docs/game-studio/audit/. Grant shell or build access only when you want stronger local evidence.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Low

Confidence: 89% confidence
Finding: The skill explicitly instructs the agent to update repository files, but it does not clearly warn the user up front that running the skill will modify the workspace. In an agent setting, undisclosed write behavior can cause unintended file changes, review bypass, or trust issues even when the edits are limited to audit artifacts.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal