Back to skill

Security audit

generate-executive-recruiting-boutique-client-education-handout

Security checks across malware telemetry and agentic risk

Overview

This is a low-risk content-generation skill for drafting executive recruiting client handouts, with no executable code or hidden access.

Use this as a drafting aid for client-facing recruiting education materials. Review outputs for accuracy, bias, and legal suitability, and do not use it to screen, rank, or make decisions about candidates.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence
92% confidence
Finding
The skill’s activation guidance is generic and can be invoked for broad 'client education work' without clear boundaries on inputs, outputs, or when human review is mandatory. In an HR/recruitment context, overly broad triggering increases the chance the skill is used for adjacent hiring or candidate-evaluation tasks, which can lead to biased, misleading, or compliance-sensitive employment content being generated without sufficient safeguards.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.