Game Dev Assistant

Security checks across malware telemetry and agentic risk

Overview

This is a broad game-development helper that reads local game files and can run Unity builds, but the reviewed artifacts are disclosed, purpose-aligned, and show no hidden network, persistence, credential, or destructive behavior.

Install this only if you want a broad local game-development assistant. Use extra care before running Unity builds or custom build methods, verify project and output paths, keep backups before any future save or asset modification workflow, and review generated log reports before sharing them.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The trigger scenarios are very broad, covering analysis, packaging, builds, testing, save parsing, engine assistance, shader debugging, and log analysis, which makes over-activation likely. Because the skill also references scripts that can build projects, modify files, and run tooling, ambiguous activation boundaries increase the chance of unintended execution in contexts where a narrower, read-only skill would be safer.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal