DELLIGHT Content & Marketing Operations

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only DELLIGHT.AI marketing skill with no code execution or persistence, but users should keep human control over public posts, voice cloning, and third-party AI uploads.

Install this as a drafting and planning aid. Require human approval before publishing LinkedIn posts or replies, confirm authorization before using Arthur's cloned voice or likeness, and avoid sending confidential company or customer material to third-party AI providers unless your policy allows it.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 92% confidence
Finding: The activation text is very broad, covering many common marketing and content tasks, which can cause the skill to trigger in situations where the user did not specifically request this brand- and revenue-oriented behavior. Overbroad activation increases the chance of misapplication, unwanted steering, and accidental policy or persona bleed into unrelated tasks.

Natural-Language Policy Violations

High

Confidence: 97% confidence
Finding: The rule requiring 'readable English' and banning 'foreign characters' is an unjustified language restriction that can override user needs, exclude multilingual content, and produce discriminatory behavior. In a marketing skill, this is especially risky because content creation often targets diverse audiences and regions, so the constraint can directly cause harmful or noncompliant outputs.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal