competitive-intel

Security checks across malware telemetry and agentic risk

Overview

This is a competitive-intelligence guidance skill made only of Markdown documents, with no hidden execution or unrelated access requests.

Safe to install as a business guidance skill. Before using it, decide which customer, prospect, pricing, deal, and win/loss details may be stored or shared, and keep competitive-intelligence repositories limited to approved internal tools and authorized staff.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 90% confidence
Finding: The description says to use the skill when the user 'mentions competitive intelligence, competitive analysis, competitor research, battlecards, win/loss, or market positioning.' Several of these phrases are broad business terms that could appear in ordinary discussion without the user intending to invoke this specific skill. The file does not provide exclusion conditions or negative examples to narrow activation scope.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal