Ads Incident Tickets

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only ad-operations ticketing skill with no code execution or hidden access, though its trigger wording is broader than ideal.

Safe to install for drafting ad-operations incident tickets. Use it for actual ad incidents or account-health triage, not general growth strategy, and share only the account IDs, logs, thresholds, and owner contacts needed for the specific issue. Manually review any recommended pause, rollback, spend, billing, or platform-setting action before applying it.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 92% confidence
Finding: The trigger conditions are broad enough to match many ordinary advertising, growth, and revenue-related requests, which can cause this specialized incident-routing skill to activate outside its intended scope. Unintended invocation can steer users into incident-ticket workflows, produce irrelevant operational guidance, and increase the chance that other guardrails or more appropriate skills are bypassed.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal