Archunit Architecture Guard

Security checks across malware telemetry and agentic risk

Overview

This appears to be a purpose-aligned architecture/code-quality helper, with the main caveat that its trigger wording may be broader than ideal.

Install if you want an architecture-analysis helper, but invoke it with a clear target path and confirm before letting it create or modify tests or recommendations across a whole repository.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 89% confidence
Finding: The trigger description is broad enough to match common architecture and code-quality questions, so the skill may auto-invoke in situations where the user did not intend a repository-wide scan or architecture enforcement workflow. In context, that increases the chance of unnecessary file access and unexpected generation of test artifacts or recommendations based on incomplete user intent.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal