Back to skill

Security audit

Launch

Security checks across malware telemetry and agentic risk

Overview

This appears to be a launch-planning playbook with broad activation wording but no hidden execution, credential use, persistence, or privileged behavior.

Installers should treat this as marketing and launch-planning guidance. Review any referenced external templates before using them publicly, and avoid sharing confidential product plans, customer lists, or unreleased strategy details unless you are comfortable using them in the agent session.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence
96% confidence
Finding
The skill description is extremely broad and provides no activation constraints, scope limits, or trigger examples, which can cause an agent to invoke it in many loosely related situations. Over-broad routing increases the chance of inappropriate skill selection, instruction collision with other skills, and unintended influence over tasks outside its intended launch-planning domain.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal