Devtopia
Security checks across malware telemetry and agentic risk
Overview
This skill is a straightforward guide for using the Devtopia CLI, with potentially sensitive actions disclosed as user-run commands.
Install only if you intend to use Devtopia. Verify the npm package source before installing globally, keep sandbox and network restrictions enabled for untrusted tools, and review any file before running `devtopia submit`.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.