Back to skill

Security audit

Competitor Analysis

Security checks across malware telemetry and agentic risk

Overview

This is a coherent marketing research skill that may fetch public competitor pages and save analysis notes, with no hidden install hooks or credential behavior found.

Before installing, be aware that the skill may use public web/SEO tooling and save competitor research notes into the agent's memory files. Provide only competitor URLs, your own site metrics, and business context you are comfortable using for marketing analysis; review saved memory notes if your workspace contains sensitive strategy details.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence
95% confidence
Finding
The `when_to_use` text uses broad conditions like "analyzing competitor SEO strategy" and "comparing domains," which overlap with many general SEO research requests and do not clearly bound when this skill should activate versus other related skills. While the file distinguishes one exclusion for pairwise content-gap work, it does not provide a tight trigger list or broader negative examples to prevent over-invocation.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.