Back to skill

Security audit

Vertical Spacing

Security checks across malware telemetry and agentic risk

Overview

This is a markdown-only design helper for vertical spacing, with disclosed Figma read/write guidance limited to selected frames and explicit user approval.

Install this if you want spacing and vertical-trim review guidance. When using it with Figma, review proposed changes before authorizing writes, and be aware that one missing-trim alert template is hard-coded in Polish rather than locale-aware.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Natural-Language Policy Violations

Medium
Confidence
95% confidence
Finding
The skill hard-codes a Polish alert string without any stated locale requirement or user-language check. In practice this can cause misleading or unusable output in other environments, and if downstream systems rely on the emitted text, it can create operational errors or poor human review outcomes.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.