startup-researcher

Security checks across malware telemetry and agentic risk

Overview

This skill does what it claims: it researches AI startups and generates local briefing files, with visible dependency-installation and file-output side effects users should control.

Install this only if you want an agent to perform public startup research and create local report artifacts. Before running it, review and approve any brew, apt-get, dnf, or pip command, and use a dedicated workspace if the research output may be sensitive.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

High
Confidence: 97%
Finding
The skill explicitly instructs the agent to install system packages and Python dependencies using package managers and pip without requiring user confirmation. This creates a high-risk path for unapproved environment modification, supply-chain exposure, and potentially privileged command execution, especially because `run_command` is allowed.

Missing User Warnings

Medium
Confidence: 91%
Finding
The workflow directs the agent to write multiple intermediate and final artifacts into the workspace, but the skill description does not clearly disclose this behavior to the user. Undisclosed file creation can surprise users, clutter shared workspaces, and lead to inadvertent storage of sensitive research outputs or scraped content.

VirusTotal

54/54 vendors flagged this skill as clean.