Advisor

Security checks across malware telemetry and agentic risk

Overview

This is a text-only advisor skill that gives conversational decision guidance and does not request tools, files, credentials, installation scripts, or persistent access.

Use this as a sounding board, not as a professional advisor. For investments, legal matters, medical issues, employment disputes, safety risks, or other consequential decisions, verify advice with qualified experts before acting.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 87% confidence
Finding: The skill description is broad enough to match a wide range of ordinary advice-seeking requests across business, finance, career, and life decisions, which can cause the skill to be invoked outside a narrowly defined safety boundary. This increases the chance of over-routing sensitive or regulated topics into a general-purpose advisor persona that lacks explicit scope limits, exclusions, or escalation guidance.

Vague Triggers

Medium

Confidence: 91% confidence
Finding: The "When to Use" triggers are vague and expansive, such as any request for a second opinion or objective perspective, which can overlap with many unrelated or sensitive user requests. Without scope limits, the skill may activate for consequential decisions where generic balanced advice is insufficient and where stronger safeguards or specialist routing are needed.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal