E-commerce Live Streaming Master

Security checks across malware telemetry and agentic risk

Overview

This is a benign marketing-planning skill, with the main caveat that broad trigger words may make it appear in too many related conversations.

Install it only if you want help creating e-commerce livestream sales plans and scripts. Review any urgency, scarcity, or closing language for platform rules, advertising law, and consumer-protection expectations before using it publicly.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 87% confidence
Finding: The trigger list includes very generic terms such as "live streaming", "script", and "selection/话术", which can cause the skill to activate for broad, ordinary user requests beyond its intended scope. In an agent ecosystem, overbroad routing can misdirect users into persuasive sales-oriented workflows unexpectedly, increasing the chance of inappropriate automation, irrelevant responses, or policy-bypassing commercialization behavior.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal