CISO Career

Security checks across malware telemetry and agentic risk

Overview

This is a coherent CISO career-roadmap API skill, with a privacy caveat because it sends career profile details and tracking identifiers to an external provider.

Install only if you are comfortable sharing career-development details with the API provider. Avoid confidential employer information, personnel details, or identifying data unless you trust the provider's data-handling practices.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 89% confidence
Finding: The skill requests detailed career-assessment content along with session identifiers, timestamps, and optional user identifiers, but provides no privacy notice, retention policy, purpose limitation, or guidance on handling potentially sensitive professional data. This creates a real privacy and compliance risk because users may disclose identifiable employment history and leadership details that are transmitted to a third-party API without informed consent or clear data-handling expectations.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal