AIOZ UI Skills

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only AIOZ UI coding helper with no executable behavior, credential access, persistence, or hidden data flow.

Install this for AIOZ UI React work if you trust the AIOZ UI packages in your project. Review setup snippets before applying them because they modify project configuration and assume local workspace package paths.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 91% confidence
Finding: The frontmatter description says to read this file whenever a user wants to build any chart, graph, or data visualization, which is broader than the narrow AIOZ UI chart-reference purpose of the skill. In an agentic system, overly broad activation text can cause the skill to trigger in contexts outside its intended scope, leading to incorrect tool selection, instruction interference, or unintended handling of user requests.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal