Intelligence Suite
Security checks across malware telemetry and agentic risk
Overview
The skill mostly does disclosed public news scraping, but it needs review because it mixes an unlabeled fake news item into normal output and can fetch pages beyond its declared source list.
Review before installing if you need reliable factual intelligence output. The skill does not show malware-like behavior, but normal runs may include an unlabeled placeholder item and may fetch third-party pages outside the named sources; treat all scraped snippets as untrusted source text.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
61/61 vendors flagged this skill as clean.