Ainative Platform Overview

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only overview skill for AINative that lists setup commands and routes users to related AINative skills, with no hidden execution or data access.

Install it as a reference and routing aid. Run the listed npm, pip, npx, or curl examples only when you intentionally want to use AINative tools, verify package names first, and keep any API keys or JWTs least-privileged and out of logs or public code.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The skill’s activation criteria are very broad and position it as a default routing hub for general discovery, onboarding, and package-listing requests. In an agent environment, overly broad triggers can cause over-invocation, expanding the chance that users are steered into networked or tool-using workflows without a more specific, least-privilege skill being selected first.

VirusTotal

60/60 vendors flagged this skill as clean.

View on VirusTotal