presales-cloud-architect

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only presales cloud architecture skill that uses public research to draft customer proposals and does not request credentials, local file access, installation scripts, persistence, or privileged actions.

Installers should treat this as a low-risk drafting aid for sales and architecture work. Avoid entering confidential customer data unless your agent environment is approved for it, verify any web-derived facts and financial estimates before sharing externally, and be aware that the template is designed for Chinese-language executive-style output.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Natural-Language Policy Violations

Medium

Confidence: 95% confidence
Finding: The skill hard-requires Chinese output for all interactions and does not provide any user choice or opt-in, which can override a user's preferred language and reduce transparency or usability. This is especially risky in enterprise advisory contexts because users may misunderstand recommendations, constraints, or risks if the response language is forced rather than negotiated.

VirusTotal

60/60 vendors flagged this skill as clean.

View on VirusTotal