Workers Comp Claim Intake

Security checks across malware telemetry and agentic risk

Overview

This markdown-only skill is purpose-aligned for drafting workers' compensation intake documents, with sensitive-data handling risks that are disclosed and proportionate.

Install only if you need help drafting workers' compensation intake materials. Treat any OSHA recordability output as a preliminary draft for qualified HR/safety review, verify state deadlines and forms with the carrier, TPA, or state board, and avoid entering unnecessary SSNs, full dates of birth, or detailed medical records in unsecured tools.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Intent-Code Divergence

Medium

Confidence: 95% confidence
Finding: The Key Rules state that OSHA recordability and workers' compensation compensability are employer and carrier determinations and that the skill does not make those decisions. However, earlier instructions explicitly direct the model to walk the OSHA analysis and output a determination, which is more than merely drafting neutral documentation and creates a direct contradiction in stated intent versus behavior.

VirusTotal

38/38 vendors flagged this skill as clean.

View on VirusTotal