Tool Calling

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only skill that gives security-focused guidance for designing LLM tool/function calling workflows.

This skill is appropriate to install if you want structured guidance for building safer LLM tool integrations. Treat its references to credentials, admin tools, filesystem tools, and sensitive data as design topics to review carefully in your own systems, not as behavior the skill itself performs.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal