Content Repurposer

Security checks across malware telemetry and agentic risk

Overview

This is a simple writing-assistance skill for turning user-provided content into marketing drafts, with no hidden execution or sensitive access found.

Safe to install for drafting and repurposing content. Avoid pasting confidential transcripts, unreleased plans, or proprietary marketing material unless you are comfortable having the model process that text; treat the external context-pack link as optional marketing, not part of the skill runtime.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 91% confidence
Finding: The example invocation phrases are broad, generic writing-assistance prompts that overlap heavily with normal user requests, making accidental or unintended triggering likely in environments that route tasks by prompt similarity. Because the skill is described as a general content transformation tool and includes multiple open-ended examples, it could activate for common content-generation requests outside a tightly scoped repurposing context.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal