S³ Threat Modeling

Security checks across malware telemetry and agentic risk

Overview

This is a guidance-only threat modeling skill with no code, install actions, credentials, persistence, or hidden system access.

This skill appears safe to install as a security-review assistant. Use it only with systems you are authorized to review, and avoid pasting sensitive architecture details unless your workspace is appropriately access-controlled.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal