Security audit

Geo Compare

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: compares user-provided websites, fetches their pages, and writes a local comparison report.

Install this if you want an agent to fetch and compare the websites you provide. Expect network requests to those domains, several parallel audit tasks, and a local markdown report file. Review the referenced geo-audit rubric files if exact scoring behavior matters.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Low

Confidence: 91% confidence
Finding: The skill explicitly instructs the agent to create a report file on disk without requiring user confirmation or warning the user that a local write will occur. While the file contents are expected output rather than attacker-controlled code, silent filesystem writes can violate user expectations, create data leakage or clutter risks, and become more concerning in constrained or shared environments.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal