HVAC Business Operations

Security checks across malware telemetry and agentic risk

Overview

This is a plain HVAC business reference and does not ask the agent to run code, access private data, or change systems.

This appears safe to install from an agentic-security perspective. Treat its pricing, compliance, and business benchmarks as general reference material, verify current local licensing and regulatory requirements before relying on them, and be aware that the included external links are promotional/reference links from the publisher.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Low

Confidence: 83% confidence
Finding: The usage text says to ask the agent about HVAC business operations, pricing, compliance, seasonal planning, or growth strategy, which is broad enough to match many ordinary HVAC-related prompts without clearly defining activation boundaries. This can cause the skill to trigger unintentionally and inject business-domain guidance into unrelated conversations, creating prompt-routing confusion and increasing the chance of inappropriate or overbroad responses.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal