Back to skill

Security audit

Seo Keyword Researcher

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward SEO keyword research helper that uses web search for its stated purpose and shows no hidden installation, persistence, or destructive behavior.

Install it for SEO-focused keyword research and article brief creation. Review when it activates on generic content-planning prompts, and avoid giving it private business data unless that data is necessary for the SEO task.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The skill advertises very broad trigger phrases such as 'content planning' and 'article topic research', which can overlap with many ordinary writing, brainstorming, or planning requests outside narrowly scoped SEO work. In agent environments that auto-select skills from descriptions, this can cause over-invocation and unintended access to web search/fetch capabilities, increasing the chance of irrelevant browsing, data exposure in prompts, or workflow hijacking by a less-appropriate tool.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.