Security audit

Gingiris Go Global

Security checks across malware telemetry and agentic risk

Overview

This is a markdown-only go-to-market playbook with no code execution, credential access, or hidden system behavior.

Install this as a reference playbook, not an automation tool. Be aware it may activate on broad GTM or launch-related prompts, and review any platform-promotion tactics before following them so you stay within community rules and avoid spammy outreach.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 93% confidence
Finding: The trigger list includes very broad, common business phrases such as "GTM," "go-to-market," "launch strategy," and "international expansion." In an agent environment, this can cause the skill to activate in many unrelated conversations, injecting prescriptive guidance where it was not requested and potentially overriding more appropriate domain-specific behavior. The multilingual aliases further widen the match surface, increasing accidental invocation risk.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal