Ads Audience Targeting

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only advertising audience planning skill with no executable code, credential access, persistence, or direct account-control behavior.

Safe to install as a planning aid. Review any generated targeting recommendations before applying them in real ad accounts, especially for platform policy, privacy, and discriminatory targeting concerns.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 92% confidence
Finding: The trigger criteria are broad enough to match many generic marketing or growth-related requests, which can cause the skill to be invoked outside its intended audience-segmentation scope. That increases the chance of misrouting user requests, producing overly operational ad guidance when the user only wanted analysis or strategy, and can cascade into unsafe downstream automation if other skills consume its handoff payload.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal