Back to skill

Security audit

Open Feed Recsys Reviewer

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only review helper for public recommendation-system repositories, with clear limits against private data access and automatic code execution.

Reasonable to install for reviewing public recommender-system repositories or claims. Only provide local files you intend the agent to inspect, and separately approve any later request to run repository code or modify files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.