Dev
Security checks across malware telemetry and agentic risk
Overview
This is a simple coding-assistant skill with disclosed file-writing and test-running behavior that fits its stated purpose.
Install this if you want a coding assistant that may create or edit project files and run development commands. Review proposed file changes and commands before approving them, especially in sensitive repositories.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.