卡帕西研究系统
Security checks across malware telemetry and agentic risk
Overview
This is a lightweight Karpathy research/education skill with no evidence of hidden data collection, destructive behavior, or deceptive install activity.
Before installing, decide whether you want the agent to access external services for daily research and keep any generated skill creation, updates, or backups under explicit user approval. Review the unused hard-coded Windows workspace path if you plan to run or modify the Python helper.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
67/67 vendors flagged this skill as clean.