Security audit
Sqlite Turso Migration
Security checks across malware telemetry and agentic risk
Overview
This is a disclosed draft guidance skill for database migration, with sensitive database credentials declared but no executable payload or hidden behavior found.
Safe to install as guidance. Before using it against real databases, work from backups or staging copies, use scoped database credentials, review generated migration scripts or commands before running them, and avoid granting broader production access than the migration actually needs.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
65/65 vendors flagged this skill as clean.
Static analysis
No suspicious patterns detected.
