Windows Ai
Security checks across malware telemetry and agentic risk
Overview
This is a coherent local Windows AI setup guide, but it deserves review because it tells users to expose an unauthenticated AI service on the network.
Install only if you want a LAN-accessible local AI cluster and trust the ollama-herd package source. If you only need local use, avoid opening the firewall. If you do open port 11435, restrict it to trusted private devices and confirm whether the server supports authentication or allowlists before sending sensitive prompts.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
- Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
- Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
- Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
VirusTotal findings are pending for this skill version.
