Seo

Security checks across malware telemetry and agentic risk

Overview

This is a low-risk, instruction-only SEO helper with no executable code, hidden data access, persistence, or credential handling.

Safe to install as an SEO guidance skill. Review any generated changes before deploying them, especially robots.txt, sitemap URLs, canonical tags, noindex settings, schema ratings/prices, analytics setup, and production metadata, because incorrect SEO configuration can affect what search engines crawl or display.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 94% confidence
Finding: The trigger description is unusually broad and ends with a catch-all phrase covering essentially any SEO-related task. In an agent-routing system, this can cause the skill to activate for loosely related requests, increasing the chance of inappropriate tool selection, instruction shadowing, or lower-quality responses when a more specialized skill should handle the task.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal