AI代码审查助手
Security checks across malware telemetry and agentic risk
Overview
This is a simple code-review skill with no executable payload, but its documentation references a review script that is not included.
Install only if you are comfortable with a code-review helper inspecting local source files. Before running the documented node scripts/review.mjs command, confirm that the script exists in the installed skill location and review it, because this package contains only markdown documentation and no review script.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.