Code Search
Security checks across malware telemetry and agentic risk
Overview
This is a read-only local code search helper, with a setup-documentation caveat about optional dependency installation.
Before installing, check whether rg, fd, and tree are already available. If dependencies are missing, prefer your OS package manager or verified releases, and only allow privileged installation into /usr/local/bin if you explicitly intend that. When using the skill, point --path at the project you want searched because results may reveal any readable files in that path.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
63/63 vendors flagged this skill as clean.