Deepseek Deepseek Coder
Security checks across malware telemetry and agentic risk
Overview
This is a coherent local-LLM setup guide with no bundled code or artifact-backed malicious behavior, though users should review the third-party package before installing it.
Before installing, verify the ollama-herd PyPI package and linked repository, preferably use an isolated environment, and be aware that model pulls can be very large. Keep the local router bound to trusted interfaces and confirm any model download or deletion prompts before proceeding.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
- Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
- Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
- Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
VirusTotal findings are pending for this skill version.
