Jobs To Be Done Analyzer

Security checks across malware telemetry and agentic risk

Overview

This skill is a documentation-only customer research framework and does not request access to files, accounts, credentials, tools, or background execution.

Safe to install as a brainstorming and product-research aid. Be aware it may activate for broad product strategy questions, and avoid pasting confidential customer research unless you are comfortable using it in your assistant environment.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 96% confidence
Finding: The manifest description says to use the skill when the user says phrases such as "why do customers", "what problem", and "user needs". These are broad, everyday product-discussion phrases that could match many unrelated conversations, and the file does not provide narrowing constraints or negative examples to clarify when the skill should not activate.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal