Meta Tags Optimizer

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward SEO meta-tag helper with disclosed optional SEO data use and memory notes, and no executable or hidden behavior was found.

Install is reasonable for SEO metadata work. Before use, decide whether the agent may access connected Search Console or SEO-tool data, and review any memory files it saves if keywords, campaign strategy, or unpublished page positioning are sensitive.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The trigger list contains broad phrases such as generic requests around meta tags and CTR that can plausibly match many ordinary SEO-related prompts without sufficient gating. This can cause the skill to activate outside its narrow intended context, leading to inappropriate instruction injection into unrelated tasks, unnecessary file/memory writes, or unintended use of connected SEO tooling.

VirusTotal

60/60 vendors flagged this skill as clean.

View on VirusTotal