企业-国际展会轨迹追踪

Security checks across malware telemetry and agentic risk

Overview

This skill performs public web research about company trade-show activity and does not request credentials, persistence, local file access, or mutation authority.

Install with the expectation that this skill may trigger on broad company internationalization or overseas-marketing questions and perform public web searches. Ask for exhibition-specific evidence or source citations when you need tighter scope.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The trigger description is broad enough to match ordinary business-analysis queries about a company's overseas strategy, marketing, or internationalization, not just exhibition tracking. That can cause unintended activation and unnecessary web searches, leading the agent to collect and infer competitive-intelligence style information outside the user's actual intent.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal