AI Meeting Room

Security checks across malware telemetry and agentic risk

Overview

This is a markdown-only business advisory skill that runs disclosed web research and simulated expert debate, with no code execution or hidden data access found.

Install if you want panel-style business brainstorming and critique. Avoid entering confidential business plans, customer data, or sensitive internal details if you do not want them used in web research, and treat the simulated experts as brainstorming support rather than licensed legal, financial, or investment advice.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 93% confidence
Finding: The skill advertises very broad trigger phrases such as 'review this idea', 'discuss', 'meeting', and generic Korean equivalents that overlap with many ordinary user requests. This can cause the skill to activate when the user did not intend to invoke a multi-agent, web-research-heavy workflow, leading to prompt hijacking of unrelated conversations, unnecessary tool use, or unintended disclosure of context into the skill’s structured process.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal