Workplace Injury Rights

Security checks across malware telemetry and agentic risk

Overview

This skill provides disclosed workplace injury and workers' compensation guidance, with privacy-sensitive recordkeeping advice that users should handle carefully.

Before installing, treat any injury reports, medical records, witness contacts, photos, and claim notes as sensitive. Use accounts and devices you control, enable MFA, restrict sharing, prefer encrypted storage where possible, and verify state-specific legal deadlines or advice with an official workers' compensation board or qualified attorney.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The skill tells users to store highly sensitive workplace injury records in personal email or generic cloud storage without any guidance on account security, encryption, or minimizing shared access. These records can include medical details, witness information, employer disputes, and claim evidence; compromise of that data could expose private health information or weaken a legal claim.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal