COMMS.md Reader
Security checks across malware telemetry and agentic risk
Overview
This skill is a bounded, instruction-only helper for reading user-approved COMMS.md preference files and adapting messages accordingly.
Safe to install for its stated purpose. Only approve COMMS.md files or URLs you actually want the agent to use, and review the agent's explanation of what it adapted before sending a message.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
47/47 vendors flagged this skill as clean.