testing-python
Security checks across malware telemetry and agentic risk
Overview
This is an instruction-only pytest testing guide with no installer, executable code, credential use, or hidden runtime behavior.
This appears safe to install as pytest guidance. Before relying on it, check that your project actually uses its assumed conventions and tools, especially uv, pytest-xdist, inline-snapshot, FastMCP, and asyncio_mode='auto'; snapshot update commands and pytest runs can modify or execute project test code when a user chooses to run them.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
65/65 vendors flagged this skill as clean.