Competing

Security checks across malware telemetry and agentic risk

Overview

This skill provides competition coaching templates and local progress tracking, with no evidence of hidden execution, exfiltration, or destructive behavior.

Install if you want a structured local system for competition notes. Avoid storing confidential business details, sensitive school or health information, or unnecessary personal information about rivals unless you intentionally want it saved in local files.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 90% confidence
Finding: The description says the skill applies in 'any competitive domain' but does not define concrete trigger phrases, boundaries, or exclusion conditions. In a markdown skill file, this creates an ambiguous activation scope that could overlap with many ordinary requests about comparison, performance, or rivals.

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: The skill instructs creation of a tracking folder and files in the user's workspace, which affects user data and filesystem state. The markdown does not provide any warning or disclosure that the skill may create or update files under the user's home directory.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal