Mova Contract Writer
Security checks across malware telemetry and agentic risk
Overview
This is a documentation-only drafting skill for MOVA contracts with clear review gates and no hidden execution, credential access, or persistence.
Use this as a drafting assistant, not as proof that a generated MOVA contract is safe to run. Verify the pre-contract is intended, confirm the referenced MOVA spec is trusted, review the generated roles, verb, constraints, and human gates, then decide whether to submit the final JSON to a runtime.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
65/65 vendors flagged this skill as clean.