Credential Hygiene Validator
Security checks across malware telemetry and agentic risk
Overview
This read-only credential-audit skill is coherent, but it can expose full local secrets in agent output while scanning credential files and logs.
Install only if you intend to run a local credential audit. Before using it, constrain the exact directories to inspect and require redacted output, such as file path, line number, token type, and a short hash or prefix only. Avoid broad dotfile scans or full matching-line output unless you are comfortable exposing those secrets to the agent environment.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
65/65 vendors flagged this skill as clean.