Test my skill
Security checks across malware telemetry and agentic risk
Overview
The package has no executable code, but its visible instructions do not match its stated test purpose and could steer an agent toward broad backend, authentication, database, and delete-endpoint changes.
Review before installing. This does not look like malware or an executable installer, but it is not just a harmless test description: a coding agent may interpret the notes as instructions to make broad auth, database, repository-fetching, and deletion changes. Install only if that behavior is intentional for your testing context.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.