Vision Simulator

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only marketing forecasting skill with disclosed live web lookup behavior and no executable install code, persistence, credentials, or destructive actions.

Install is reasonable for non-sensitive marketing simulations. Before using live data collection, assume scenario keywords may be sent to web/search providers; for confidential launches or strategy, use manual/basic inputs or tell the agent to skip Pro/live web collection.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 89% confidence
Finding: The skill instructs live web/news/trend collection and competitor monitoring without any user-facing disclosure that scenario details or derived keywords may be sent to external services. In a marketing-planning context, user inputs may contain confidential campaign, product-launch, or competitive strategy information, so silent transmission to web/search providers creates a meaningful privacy and data-handling risk.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal