Usd Editor

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only USD editing guide whose file-changing behavior is expected and disclosed for its purpose.

Reasonable to install if you want USD editing help. Before following commands, keep important assets in version control or backups, and use usdedit --noeffect when you only want to inspect a file.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Low

Confidence: 87% confidence
Finding: The documentation states that `usdedit` writes edited content back to the original file, but it does not clearly warn users that opening the tool in normal mode can modify the source asset on save-and-quit. In a skill intended to guide hand-editing of USD files, this omission can lead to accidental overwrites or corruption of important assets, especially for users who may assume they are only viewing a temporary text representation.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal