胡田-OPC导师-成果转化路径规划

Security checks across malware telemetry and agentic risk

Overview

This is a planning-only technology commercialization skill with no code execution, credential access, persistence, or hidden data handling.

This skill appears safe to install as an advisory template for technology commercialization planning. Users should treat its valuation, tax, pricing, and commercialization recommendations as planning guidance rather than professional legal, tax, investment, or institutional policy advice.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 89% confidence
Finding: The trigger conditions are broad and overlap with common business or planning requests, so the skill may activate in situations where the user did not explicitly ask for this specialized workflow. That can cause inappropriate routing, reduce user control, and lead the agent to provide domain-specific commercialization guidance when a narrower answer or different skill would be more appropriate.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal