Market Research

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only market research guide that uses public sources and does not request credentials, local data access, installation steps, persistence, or privileged actions.

Before installing, consider that the skill may activate for broad business questions about market trends or competitors. Its main practical risk is research quality and relevance: verify important market-size numbers, competitor claims, and trend conclusions against primary or current sources before making business decisions.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 90% confidence
Finding: The trigger phrases are broad enough to match common user requests like 'market trends' or 'who are the players in this space,' which can cause this skill to activate in situations where the user did not specifically intend a structured market-research workflow. Over-broad activation increases the chance of incorrect tool/skill routing, irrelevant browsing or data gathering, and unintended use of external-source-heavy guidance in ordinary conversations.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal