Security audit

Coaching Consulting Launch Kit

Security checks across malware telemetry and agentic risk

Overview

This appears to be a case-study/testimonial prompt skill, but the supplied artifact evidence indicates it may help create reconstructed client quotes that could be mistaken for real endorsements.

Install only if you will use it for internal drafting or illustrative examples. Do not publish generated testimonials, recommendation quotes, case studies, or results unless the claims are verified and the quoted client language is verbatim and client-approved, or the output is plainly labeled as a composite/sample.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Context-Inappropriate Capability

Medium, 89% confidence
Finding
This is a real issue because the prompt explicitly asks the model to generate recommendation quotes and pull quotes from limited or reconstructed source material, which can cause the system to invent endorsements the client never actually gave. In a marketing/testimonial context, fabricated recommendations can mislead prospects, create deceptive advertising risk, and expose the user to reputational or legal problems.

Intent-Code Divergence

High, 96% confidence
Finding
This is a true vulnerability because the prompt permits 'real or composite' results and 'real or reconstructed' client quotes while still packaging the output as testimonials and case studies, which strongly implies authenticity to an audience. That contradiction makes it easy to generate persuasive but fictional social proof, a high-risk misuse in sales and reputation-building contexts.

VirusTotal

57/57 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.