FurrBudd Author

Security checks across malware telemetry and agentic risk

Overview

This looks like a content and web-generation skill with review-worthy template and scope issues, but no artifact-backed evidence of malware or hidden system access.

Install only if you want broad help generating web, article, affiliate, or CMS content. Review generated HTML before placing it on a live site, remove inline onclick handlers if your CMS or security policy disallows inline JavaScript, and watch for the skill activating on unrelated product-review or React-build requests.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Description-Behavior Mismatch

Medium
Confidence: 94%
Finding
The skill explicitly claims generated article output is 'CSS + HTML, no JS frameworks', yet the FAQ template embeds executable inline JavaScript via an onclick handler. In a CMS context like WordPress, inline event handlers expand the executable surface, can violate CSP or site hardening assumptions, and normalize mixing untrusted content with script execution.

Vague Triggers

Medium
Confidence: 82%
Finding
The activation conditions are broad enough that the agent may invoke this large, multi-purpose skill for loosely related prompts such as generic 'product reviews' or 'React website builds'. Overbroad activation can cause prompt/scope hijacking, inappropriate instruction carryover across unrelated tasks, and accidental emission of affiliate, WordPress, or web-build content where it is not intended.

VirusTotal

66/66 vendors flagged this skill as clean.