Back to skill

Security audit

Auto Detailing Car Wash Kit

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only marketing prompt pack for auto detailing businesses, with no code execution, credentials, persistence, or hidden automation.

Safe to install as a prompt pack. Before using generated copy, verify ratings, certifications, product warranties, environmental claims, pricing, physical address, unsubscribe language, and local advertising rules; use only business contact information you are authorized to include in marketing.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The skill explicitly collects the owner's phone/email for use in outbound outreach templates without any guardrails around consent, minimization, storage, or safe handling of personal contact data. In a marketing-automation context, this can normalize embedding personally identifiable contact information into prompts, logs, generated content, or downstream systems, increasing privacy, spam, and data-handling risk.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.