Construction
Security checks across malware telemetry and agentic risk
Overview
This is an instruction-only construction project management skill with expected business workflows and no executable code or hidden access behavior found.
Before using this on real projects, connect it only to necessary project systems, limit write permissions, and require human approval for pay applications, purchase orders, change orders, and owner-facing communications. Treat budgets, site photos, safety incidents, and subcontractor records as sensitive project data.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.