Ads Creative Ideas

Security checks across malware telemetry and agentic risk

Overview

This is a text-only ad creative planning skill with no code execution, account access, persistence, or hidden data handling.

Safe to install as an advisory creative-planning skill. Review recommendations before applying real ad spend or relying on platform-policy assumptions, and be aware it may activate on broader marketing or business-performance requests.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 91% confidence
Finding: The trigger criteria are broad enough to match many ordinary business or marketing conversations such as revenue, profit, budget, or growth, even when the user is not asking for this specific ad-creative capability. That can cause unintended skill invocation, leading the agent to steer responses into advertising execution guidance in contexts where it is not appropriate, reducing reliability and potentially bypassing more suitable skills or safeguards.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal