Landing Page

Security checks across malware telemetry and agentic risk

Overview

This is a markdown-only landing-page guidance skill with relevant optimization advice and no evidence of hidden execution or sensitive local access.

Reasonable to install as copywriting and landing-page optimization guidance. If you implement its analytics, heatmap, or session-recording suggestions, use consent where required, disclose tracking, minimize collected data, mask form fields and sensitive content, set retention limits, and review GDPR/CCPA/ePrivacy obligations for your use case.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 87% confidence
Finding: The skill recommends installing analytics and later suggests heatmaps/session-recording tools without any warning about consent, data minimization, masking sensitive fields, or legal/privacy obligations. In a landing-page optimization context, users are likely to implement this guidance directly, which can lead to over-collection of personal data, recording of form inputs, and non-compliant tracking practices.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal