Refactor Safely

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed refactoring workflow helper with no executable code or hidden data access.

Use this skill for deliberate refactoring work in a version-controlled project. When the request is broad, confirm the intended scope and review the plan, diffs, tests, and rollback notes before accepting code changes.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 87% confidence
Finding: The activation triggers are broad enough to match common user requests such as generic refactoring or code cleanup, which can cause unintended invocation of this skill. In an agent system, ambiguous routing may lead to the wrong workflow being applied, increasing the chance of unnecessary code changes or bypassing more appropriate specialized review paths.

VirusTotal

60/60 vendors flagged this skill as clean.

View on VirusTotal