Back to skill

Security audit

Product Recommender

Security checks across malware telemetry and agentic risk

Overview

This is a retail product recommendation skill with some routing and recommendation-quality cautions, but no evidence of hidden access, exfiltration, persistence, or destructive behavior.

Install this only for retail product-selection workflows and configure routing so generic decision-making questions do not trigger it. If using purchase history, disclose that use and avoid passing unnecessary personal data. Consider changing the fallback behavior so products over budget or outside constraints are clearly labeled or shown only after user consent.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
87% confidence
Finding
The trigger list is broad enough to activate on generic shopping or comparison language, which can cause the skill to engage outside its intended context. Over-broad invocation can lead to inappropriate recommendations, unintended use of customer context such as purchase history, or interference with other more suitable skills handling the conversation.

Vague Triggers

Medium
Confidence
84% confidence
Finding
Claiming the skill handles all 'help me choose' queries without a scope boundary increases the chance of misrouting unrelated decision-making conversations into a retail recommendation flow. In a multi-skill agent, this can override safer domain-specific behaviors and produce irrelevant or manipulative outputs where no product recommendation is appropriate.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The recommendation logic silently broadens user constraints: it increases budget by 20% when no matches exist, and if still empty, falls back to products while ignoring budget and constraints entirely. In a retail recommendation skill, this can cause the agent to violate explicit user requirements and produce deceptive or unsafe recommendations without clear disclosure, undermining user trust and policy compliance.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.