prompt-eval
Security checks across malware telemetry and agentic risk
Overview
This is an instruction-only prompt evaluation skill with clear local output handling and no evidence of hidden execution or data exfiltration.
Before installing, be aware that evaluation artifacts can contain proprietary prompts, sensitive inputs, adversarial text, and raw model outputs. Use the default delete retention unless you need records, choose a private output directory, and keep tested prompts or subagents confined to the minimum tools needed for evaluation.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.