Geo Metrics Tracker

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent GEO metrics planning aid, but users should avoid storing raw AI answers or internal logs without privacy controls.

Install this if you want help designing GEO dashboards, schemas, alerts, and runbooks. Before implementing any generated sampling workflow, avoid storing full raw AI answers by default, redact sensitive content, define retention and access controls, and review platform terms and privacy requirements.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 86% confidence
Finding: The sampling template explicitly captures and structures `raw_answer` text from AI platforms, which can include personal data, confidential business information, or copyrighted content copied from prompts and responses. Because this is presented as a reusable workflow without any privacy, retention, minimization, or consent guidance, teams may operationalize collection and storage of raw model outputs in ways that create avoidable data protection and compliance risk.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal