Back to skill

Security audit

Code Review Assistant

Security checks across malware telemetry and agentic risk

Overview

The skill does not appear to steal data or change files, but it advertises real code and security review while returning canned reports.

Treat this as a demo or placeholder, not a real reviewer. Do not rely on its output for merge decisions, CI gates, vulnerability detection, or security signoff unless it is updated to analyze the actual files, diffs, and pull requests it claims to review.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Intent-Code Divergence

Medium
Confidence
98% confidence
Finding
The review command claims to analyze a user-specified file or directory, but it ignores the target and always emits a hardcoded report. In a code-review skill, this is dangerous because it can create false assurance that code was reviewed for bugs or security issues when no analysis actually occurred, leading users to merge vulnerable or broken code.

Intent-Code Divergence

Medium
Confidence
97% confidence
Finding
The diff command presents itself as analyzing repository changes, but it only prints git diff statistics and then outputs a static issue summary unrelated to the actual diff. This is misleading in a security-review context because developers may trust the fabricated results and miss real issues introduced by code changes.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.