quick research for VC/Consulting/Strategy Intern

Security checks across malware telemetry and agentic risk

Overview

This is a markdown-only desk research workflow that structures public-source research and does not request hidden access, execution, persistence, or credentials.

Safe to install as a research workflow aid. Before using it, be aware that it may produce some case-summary labels in Chinese unless overridden, and users should still verify dates, sources, and claims in any research output it generates.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Natural-Language Policy Violations

Low

Confidence: 95% confidence
Finding: Line L20 requires a final summary paragraph using Chinese labels "做什么/用户是谁/商业模式/为什么付费". This imposes a specific language/locale convention in natural language without indicating user choice or a documented region-specific need, which matches the language-policy concern for SQP-3.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal