Marketing Genius

Security checks across malware telemetry and agentic risk

Overview

This is a simple marketing-copy skill that discloses sending product and audience details to a third-party API, with no hidden execution or persistence found.

Install only if you are comfortable sending the product description or URL and target-audience details you provide to the 1agent.fyi API. Avoid confidential launch plans, proprietary positioning, customer lists, sensitive market research, and regulated or deceptive persuasion use cases unless you trust the service and the use is appropriate.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 94% confidence
Finding: The description 'Generate buyer psychology + ad copy for any product' is overly broad and can trigger this skill in a wide range of loosely related contexts. In an agent ecosystem, broad routing language can cause the skill to be invoked for inappropriate or sensitive requests, increasing the chance of unsafe persuasion content, policy bypass attempts, or misuse outside the intended marketing scope.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal