投放数据分析
Security checks across malware telemetry and agentic risk
Overview
The skill appears to be a local advertising and finance report generator, but it needs review because it can process more business data than the date range suggests and writes raw data samples into persistent HTML reports.
Install only if you are comfortable with a local Python tool reading advertising and financial files from the configured folder and writing reports to disk. Use a narrow input folder, set an explicit private output folder, avoid using untrusted CSV/XLSX files, and review generated HTML reports before sharing because they may contain raw business data.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.