SAAS Worker

Security checks across malware telemetry and agentic risk

Overview

The skill appears to be a broad SaaS-advice helper with only placeholder code and no evidence of hidden access, persistence, credential use, or destructive behavior.

Install only if you want a broad SaaS planning and development guidance skill. Treat it as advisory rather than a finished automation tool, and review any business, marketing, revenue, or code changes it proposes before applying them.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (2)

Tp4

High

Category: MCP Tool Poisoning
Confidence: 99% confidence
Finding: This is a mismatch because the declared purpose describes a broad operational SaaS skill, but the actual code does not implement any of those functions. Instead, it is a minimal example script with no development, marketing, revenue optimization, automation, or product-launch behavior. There is no hidden behavior, but the primary purpose of the code materially differs from the description because it is effectively nonfunctional placeholder code.

Vague Triggers

Medium

Confidence: 95% confidence
Finding: The description says to use the skill for broad activities like 'development, marketing, revenue optimization' and 'SAAS factory operations' without defining boundaries or exclusion conditions. In a markdown skill file, this kind of open-ended trigger language can cause unintended invocation across many common business or coding requests.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal