Security audit
李高伟周报生成
Security checks across malware telemetry and agentic risk
Overview
Available telemetry shows no malicious signal, but the target skill artifacts were not present in the workspace for direct verification.
Proceed only after confirming the actual skill files and metadata match what you expect. Based on the supplied scan telemetry there is no reason to hold the skill for review, but this verdict is low confidence because the target artifacts were unavailable for direct inspection.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
65/65 vendors flagged this skill as clean.
Static analysis
No suspicious patterns detected.
