求职面试全能助手
Security checks across malware telemetry and agentic risk
Overview
This is a text-only job interview and resume advice skill with no code, tool use, persistence, or hidden access requests.
This appears safe to install from the reviewed artifacts. Because resume and interview help can involve personal information such as phone numbers, emails, employment history, salaries, and company names, share only what you are comfortable providing. The included contact email and custom-service prompt are promotional, but the skill does not instruct the agent to contact the author or transmit user data automatically.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.