Marketing Analytics

Security checks across malware telemetry and agentic risk

Overview

This appears to be a markdown-only marketing helper with overly broad business wording, not a skill that installs code, persists, or accesses credentials.

Install only if you want a prompt aid for marketing analysis or marketing copy tasks. Treat its broad business and compliance wording as advisory only, and have qualified people review strategic, legal, regulatory, financial, or sensitive customer-facing outputs.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 87% confidence
Finding: The skill description and surrounding instructions are so broad that the agent could be invoked for vaguely related business tasks beyond narrowly scoped marketing analytics. In agentic environments, unclear scope increases the chance of inappropriate data exposure, over-broad task execution, or reliance on the skill for decisions outside its intended domain.

Vague Triggers

Medium

Confidence: 84% confidence
Finding: The use-case section lists generic business and enterprise scenarios that materially broaden the perceived applicability of the skill beyond marketing analytics. This can cause an orchestrating agent or user to route unrelated operational, strategic, or vendor-management tasks through the skill, increasing the risk of misuse and overreach.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal