Sovereign Security Auditor
Security checks across malware telemetry and agentic risk
Overview
This is an instruction-only security audit skill that asks an agent to inspect code for vulnerabilities and secrets, with no evidence of hidden execution or data theft.
Install only for code you are authorized to audit. When using it on real repositories, clearly limit the target scope and ask the agent to mask or truncate discovered secret values in reports; rotate any real credentials it finds in source control.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.