Test Specialist

Security checks across malware telemetry and agentic risk

Overview

This skill is a testing and debugging assistant whose local file-reading helpers are disclosed and appropriate for finding coverage gaps.

Reasonable to install for normal development use. Run the optional Python scripts only against the project directories or coverage files you intend to inspect, and review outputs before acting on broad testing or security suggestions.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 83% confidence
Finding: The activation criteria are extremely broad, covering test writing, bug fixing, code analysis, performance, security, and general systematic analysis for JavaScript/TypeScript applications. This can cause the skill to trigger in many unrelated development contexts, increasing the chance it is invoked with access to code and files beyond what is necessary and bypassing more specialized or restrictive skills.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal