Security audit
Nexus2 Pipeline Fix
Security checks across malware telemetry and agentic risk
Overview
This skill is a narrow markdown-only instruction for fixing two Nexus2 pipeline bugs, with no bundled code, automatic execution, credential access, or persistence.
Before using it, obtain the referenced patched publisher.py and nexus.py from a trusted source, review the diff against your Nexus2 version, back up the originals, and test in a staging copy before running the prediction pipeline.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
- Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
- Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
- Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.
