fastfish 微信公众号(wechat)快速排版精简版
Security checks across malware telemetry and agentic risk
Overview
The skill is a disclosed helper for running fastfish-lite locally, with real but expected supply-chain, credential, and scheduled-task considerations.
Before installing, review the linked repository and dependencies, use the pinned release tag or another trusted version, run it in an isolated non-root environment, keep webhook/API credentials in .env only, and enable cron pushes only for channels you control.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.