Vendor Contracts
Security checks across malware telemetry and agentic risk
Overview
This is an instruction-only workflow for triaging vendor contracts and does not request sensitive access, persistence, or system changes.
This skill appears appropriate for structured vendor contract triage. Users should treat its output as review support, not legal advice, and involve qualified counsel for final decisions, unusual risk terms, or high-value agreements.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
49/49 vendors flagged this skill as clean.