Code Smell Diagnosis
Security checks across malware telemetry and agentic risk
Overview
This skill is a code-review helper that reads user-provided code and writes a code-smell diagnosis report, with no evidence of hidden execution or data misuse.
Install only if you are comfortable letting the agent read the code or snippets you ask it to analyze and write a diagnosis report. Review any suggested refactorings before applying them. The unrelated high-risk capability tags should be corrected by the publisher or platform, but they are not reflected in the skill artifact itself.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.