pathway-score-guide-pro

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed education and career-path scoring guide with local helper scripts and no evidence of hidden access, persistence, exfiltration, or destructive behavior.

Before installing, be aware that the skill may ask for detailed academic, school, employment, or title-review information. Use official school or unit documents where possible, treat generated scores as estimates, and avoid sharing unnecessary personal identifiers or confidential internal materials.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 94% confidence
Finding: The weak trigger phrases are generic, everyday planning questions that can appear in unrelated conversations, so they can cause the skill to activate when the user did not intend to invoke an admissions/title-evaluation workflow. In this skill, unintended activation is meaningful because it can steer users into quasi-authoritative scoring or policy guidance, potentially producing misleading eligibility or planning advice in the wrong context.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal