MBA

Security checks across malware telemetry and agentic risk

Overview

This is a coherent MBA education skill, with the main consideration being that it saves learning notes and exercises locally.

Installers should know that lessons, exercises, case analyses, and notes may be saved under ~/mba/. Avoid putting confidential company, client, financial, or personnel details into those files unless local storage is acceptable, and periodically review or delete the folder if needed.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 90% confidence
Finding: The skill explicitly directs creation and ongoing population of files under ~/mba/ without mentioning user consent, confirmation, or data minimization. In an agent environment, this can lead to unexpected filesystem writes, persistence of potentially sensitive user data, and privacy issues if notes, exercises, or case analyses contain confidential business information.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal