Back to skill

Security audit

Data Engineering Interview Coach

Security checks across malware telemetry and agentic risk

Overview

This is a markdown-only data engineering interview coaching skill with no system access, credentials, or background behavior.

Safe to install for interview-style practice. Expect it to steer relevant SQL and data engineering prompts into a mock interview format; use a different skill or plain chat for one-off debugging, implementation help, or explanation-only requests.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
89% confidence
Finding
The README uses very broad trigger phrases like 'quiz me on SQL' and 'interview me on data engineering' without defining stricter activation criteria. This can cause the skill to activate on ordinary conversational requests that may only seek general help, leading to unintended instruction routing or response shaping.

Vague Triggers

Medium
Confidence
92% confidence
Finding
The activation description describes domain coverage and example prompts but does not clearly distinguish this skill from nearby use cases like general Q&A, study help, or ad hoc technical assistance. In systems with automatic skill routing, that ambiguity increases the chance of misfire and can override a better-matched skill or the user's actual intent.

VirusTotal

No VirusTotal findings

View on VirusTotal

Static analysis

No suspicious patterns detected.