Vestaboard
Security checks across malware telemetry and agentic risk
Overview
This skill does what it says: it lets an agent read from and write to a Vestaboard using user-provided Vestaboard credentials.
Install this only if you want an agent to read and update your Vestaboard. Keep the token in environment secrets, do not put it in prompts or commits, leave VESTABOARD_API_BASE pointed at a trusted Vestaboard endpoint, and use write-layout only with known 6x22 layout JSON files.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
63/63 vendors flagged this skill as clean.