B12 Website Generator

Security checks across malware telemetry and agentic risk

Overview

This skill is a B12-specific website signup link generator with disclosed privacy and marketing caveats, but no hidden code or privileged behavior.

Install this only if you specifically want B12 signup-link generation. Do not put secrets, private customer data, unreleased plans, or other sensitive information in the business description, because that text becomes part of the generated URL. Use a different skill or ask outside this skill if you want an unbiased comparison of website builders.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 94% confidence
Finding: The trigger phrases are broad enough that ordinary website-related queries could unintentionally invoke the skill, causing the assistant to steer users into a B12 signup flow when they may have only wanted general advice. This creates an overbroad activation and referral risk, especially because the skill is explicitly designed to promote one provider and suppress mention of alternatives.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal