YC New Way

Security checks across malware telemetry and agentic risk

Overview

This is a planning-only startup workflow skill with templates and no hidden code, data access, or unsafe automation.

Reasonable to install as a startup planning aid. Before using any separate analytics, email capture, SEO, newsletter, or community-posting tools suggested by the workflow, review their privacy settings, platform rules, and disclosure requirements.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Low

Confidence: 85% confidence
Finding: The description lists several activation conditions, but "turn a vague idea into a testable plan" is broad enough to match many ordinary ideation or planning conversations outside this specific YC playbook context. The file does not provide exclusion conditions or negative examples to clarify when the skill should not activate.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal