Vague Triggers
Medium
- Confidence
- 89% confidence
- Finding
- 触发词包含“第一个产品”“先做什么”“怎么快速上线”等日常高频、语义宽泛的短语,容易在大量普通产品讨论中误触发该技能。误触发会把对话强行导向特定创业方法论,造成提示注入式的上下文劫持、降低结果相关性,并可能覆盖用户原本想要的更合适技能或回答路径。
Security audit
Mvp
Security checks across malware telemetry and agentic risk
Overview
This is an advice-only MVP planning skill with no code execution, data access, credentials, or persistence.
Install this if you want concise, opinionated MVP launch guidance. Be aware it may steer broad product-startup conversations toward fast manual-first MVP advice, and review any pricing, payment, or business decisions yourself before acting.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)
VirusTotal
66/66 vendors flagged this skill as clean.
Static analysis
No suspicious patterns detected.