Skill Extractor
Security checks across malware telemetry and agentic risk
Overview
This is a transparent local-only skill exporter, but it can package broad local folders and real secrets into a shareable ZIP.
Install only if you are comfortable with an agent inspecting local skill folders and packaging external files referenced by a selected skill. Before approving an export, carefully review the full file list for secrets, SSH keys, browser or session files, app-data folders, and large recursive directories; remove or replace live credentials before sharing the ZIP, and delete any leftover staging folder after a failed run.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.