Klazify
Security checks across malware telemetry and agentic risk
Overview
The available telemetry is clean, and there is no artifact-backed evidence of malicious or suspicious behavior in the supplied materials.
Based on the evidence available here, this can remain in the benign bucket. Because the target artifact files were not available for direct review, users should still review the skill's actual instructions and requested account access before installing, especially if it asks for credentials or permission to modify external services.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.