WBS Planner
Security checks across malware telemetry and agentic risk
Overview
This looks like a disclosed project-planning skill whose development commands are expected for its workflow, not hidden or unrelated behavior.
Install this only in projects where you are comfortable with the agent creating or editing planning files and, when following Dev workflow instructions, running local build/test or coding commands. Review generated tasks before dispatching them to agents, especially if task text comes from an untrusted source.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.