Back to skill

Security audit

organizing-officer

Security checks across malware telemetry and agentic risk

Overview

This is a markdown-only organizational consulting skill with no code execution, credential use, persistence, or hidden system access.

Safe to install from a system-access perspective. Because it is intended for organizational and HR advice, avoid sharing unnecessary personal employee data, compensation details, or confidential strategy, and have qualified human experts review major personnel, compliance, or legal decisions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence
89% confidence
Finding
The trigger conditions are broad enough that the skill may activate during ordinary management or organizational discussions, even when the user did not explicitly request this specialized consulting mode. This can cause unintended routing, over-application of the skill's framework, and reduced reliability or user control, especially in systems that auto-select skills based on vague keyword matches.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.