Governance.Wrapper
Security checks across malware telemetry and agentic risk
Overview
This skill appears security-focused, but it requires sensitive agent context to be routed through an unreviewed local wrapper that controls future autonomous work and keeps persistent evidence logs.
Install only if you intentionally want this skill to govern strict-mode autonomous work. Before using it, independently inspect the referenced governance_wrapper.py script and confirm its allowlists, log location, retained fields, retention/deletion process, and how a user can disable or bypass the wrapper for out-of-scope tasks.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
- Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
- Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
- Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
62/62 vendors flagged this skill as clean.
