Webperf Resources

Security checks across malware telemetry and agentic risk

Overview

This web performance skill is purpose-aligned and disclosed, with no evidence of credential access, exfiltration, persistence, or destructive behavior.

Install this if you are comfortable with your agent running DevTools JavaScript on pages you choose to inspect. Review suggested cross-skill follow-ups on sensitive logged-in sites, and verify results because the included network-quality script appears incomplete.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Autonomous Decision Making

Medium

Category: Excessive Agency
Content: ## Decision Tree Use this decision tree to automatically run follow-up snippets based on results: ### After Network-Bandwidth-Connection-Quality.js
Confidence: 77% confidence
Finding: automatically run

VirusTotal

59/59 vendors flagged this skill as clean.

View on VirusTotal