Ads Compliance Review

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only ads review skill with some overbroad marketing-optimization wording, but no code, credentials, account access, persistence, or hidden behavior.

Install this only as advisory guidance. Treat its budget, bidding, KPI, and campaign execution suggestions as recommendations requiring human review; do not let it directly change ad accounts, launch campaigns, allocate spend, or use credentials without a separate trusted tool and explicit approval.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration

Findings (4)

Description-Behavior Mismatch

Medium

Confidence: 95% confidence
Finding: The manifest positions this as an ad compliance reviewer, but the body expands into operational campaign execution, budget/bidding, revenue growth, and KPI optimization. That scope drift can cause the skill to be invoked for broad marketing decisions beyond its declared purpose, increasing the chance of unsafe autonomy, policy bypass, or downstream misuse under the guise of compliance review.

Intent-Code Divergence

Medium

Confidence: 93% confidence
Finding: The workflow explicitly says the skill focus is policy screening and compliant rewrite, but adjacent instructions direct prioritized actions tied to KPI impact and platform execution notes. This contradiction is dangerous because it weakens operator expectations and can let a supposedly compliance-scoped skill produce performance-optimization guidance that exceeds approved boundaries.

Context-Inappropriate Capability

Medium

Confidence: 94% confidence
Finding: The skill advertises growth, profit, ROI/ROAS, CPA reduction, budget, bidding, traffic, and funnel analysis despite being framed as a compliance reviewer. In context, this broadening makes the skill more dangerous because ad-policy review is a trusted control point; embedding optimization advice there can trigger unintended business actions without appropriate specialization or guardrails.

Vague Triggers

Medium

Confidence: 91% confidence
Finding: The trigger keywords are generic marketing terms like ads, growth, revenue, profit, budget, traffic, and conversion, which overlap with many ordinary business requests. This raises the likelihood of accidental invocation, causing a compliance-focused skill to intercept unrelated requests and respond with mismatched or overbroad guidance.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal