Map

Security checks across malware telemetry and agentic risk

Overview

This is a coherent business planning skill with broad trigger phrases but no evidence of hidden access, code execution, persistence, or data misuse.

Install this if you want a broad strategic planning helper. Be aware it may activate on generic planning language, and avoid sharing confidential business details unless you are comfortable providing them to your agent environment.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 95% confidence
Finding: The trigger phrase "how do I get from here to there" is generic conversational language that could appear in many unrelated contexts, not just strategic or business-planning requests. Because the manifest provides no exclusion conditions or scope constraints, this raises the risk of unintended invocation.

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The phrase "map this goal" is short and broad enough to match many ordinary requests outside the intended strategic-mapping context. The manifest does not clarify what kinds of goals qualify or when the skill should not activate.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal