Back to skill

Security audit

Funnel

Security checks across malware telemetry and agentic risk

Overview

The skill appears to be a normal product-growth guidance skill, with only a minor risk that broad trigger phrases may activate it in unrelated conversations.

Install if you want help with onboarding, activation, retention, or landing-page optimization. Be aware it may activate on generic marketing/product discussions because the trigger terms are broad; prefer using it explicitly for growth-funnel tasks.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence
93% confidence
Finding
This manifest file defines triggers such as "onboarding," "activation," "retention," and "landing page," which are common terms in many product and marketing conversations and are not specific enough to this skill alone. The file also provides no exclusion conditions or negative examples to clarify when the skill should not activate, increasing the risk of accidental invocation.

VirusTotal

56/56 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.