Encoding Format Advisor

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only software architecture skill for choosing data encoding formats, with no hidden install steps, credentials, or data-sending behavior found.

Before installing, understand that this skill may ask the agent to read schema, code, or architecture files you provide and may write a recommendation or checklist if you allow it. Avoid giving it secrets or unrelated private configuration files. The VirusTotal telemetry was pending, but the static scan was clean and the artifact evidence is coherent and instruction-only.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Unrestricted Tool Access

Medium
Category
Excessive Agency
Content
**Rule 5 — Avoid language-specific encodings (Java Serializable, Python pickle, Ruby Marshal) unless:**
- Data is purely transient (in-memory cache within a single process, never written to disk or network)
- Security implications are understood and mitigated: deserializing untrusted bytes can execute arbitrary code
- No cross-language communication is needed now or in the foreseeable future

**Tie-breaker when rules 2 and 4 both apply (schema-driven binary required, but dynamic generation is also needed):**
Confidence
80% confidence
Finding
execute arbitrary code

Exfiltration Commands

High
Category
Prompt Injection
Content
**Action:** For each planned or expected schema change, check it against the per-format compatibility rules. Classify each change as: safe (backward and forward compatible), backward-only (new code reads old data, but not vice versa), forward-only (old code reads new data, but not vice versa), or breaking (incompatible in at least one direction).

**WHY:** The core problem encoding formats solve is not just efficiency — it is allowing old and new versions of code to coexist while reading the same data. During a rolling upgrade, some nodes run new code and some run old code; they write data to the same database or send messages to the same topic. Forward compatibility (old code reads data written by new code) is the harder direction: it requires old code to safely ignore additions made by new code rather than crashing. Each format handles this differently, and the permitted changes differ significantly.

#### Protocol Buffers and Thrift: Field Tag Rules
Confidence
90% confidence
Finding
send messages to

VirusTotal

65/65 vendors flagged this skill as clean.
