Omni Channel Ecommerce Master

Security checks across malware telemetry and agentic risk

Overview

This is a static ecommerce operations guidance skill with broad activation terms, but no hidden execution, data access, persistence, or harmful behavior was found.

Install this as an ecommerce planning and operations reference, not as an autonomous operator. Review whether broad triggers may activate it too often, and limit terminal or file access if you only need written guidance.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The skill description is very broad and can activate on generic business or ecommerce discussions without enough contextual narrowing. Over-broad activation can cause unintended skill invocation, increasing the chance that the model follows domain-specific guidance when the user did not request it, which can degrade safety, relevance, and user control.

Vague Triggers

Medium

Confidence: 93% confidence
Finding: The trigger list consists of high-level keywords like 电商运营, 团队管理, and 风险管控 without contextual constraints, making accidental activation likely. This broad matching can expose users to irrelevant or overly specialized guidance and may let the skill dominate conversations outside its intended domain.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal