Security audit

Product Validation Planner 002325

Security checks across malware telemetry and agentic risk

Overview

This appears to be a product-validation planning skill with overly broad auto-activation wording, but no evidence of hidden access, persistence, commands, exfiltration, or destructive behavior.

Install if you want a planning workflow for early product validation. Be aware it may be invoked automatically from broad business or product wording, so use explicit invocation or narrow/disable implicit triggers if you work with varied or sensitive business strategy discussions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (9)

Vague Triggers

Medium
Confidence
95% confidence
Finding
The trigger sentences are broad and map to very common user intents such as asking for help, needing a workflow, or handling a product-related task. This can cause the skill to activate in situations far beyond its intended scope, leading to unwanted interception of normal conversations and priority conflicts with more appropriate skills.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The trigger phrases are broad enough to match many normal business or product-assistance requests, which can cause the skill to activate outside its intended scope. In an agent environment, overbroad activation increases the chance of inappropriate routing, prompt interference, or untrusted skill content being injected into otherwise ordinary user interactions.

Vague Triggers

Medium
Confidence
91% confidence
Finding
The trigger keywords are broad, generic business terms such as "validation," "prototype," and "saas," which are likely to match many ordinary requests outside this skill’s narrow intended scope. Over-broad activation can cause the wrong skill to be invoked, leading to inappropriate guidance, context confusion, or accidental prioritization of this skill over safer or more relevant alternatives.

Vague Triggers

Medium
Confidence
87% confidence
Finding
The manifest description includes expansive invocation guidance like "Use when a user asks for business-and-operations, product idea, validation, prototype, saas," which lacks clear boundaries and can capture a large range of unrelated requests. In a skill-routing system, ambiguous activation guidance increases the chance of misrouting, prompt-surface expansion, and unintended execution of this skill in contexts where it is not the best fit.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The trigger keywords are very broad and map to common business/product conversations, so this skill may activate for many unrelated requests. Over-broad activation can cause misrouting, unnecessary exposure of the skill’s instructions, and incorrect assistance that overrides a more appropriate specialized skill.

Vague Triggers

Medium
Confidence
86% confidence
Finding
The invocation description is framed broadly enough to match many requests for practical support, workflows, or analysis, which are common across many domains. This increases the chance of ambiguous skill selection and unintended activation, leading to unreliable behavior or the wrong operational guidance being applied.

Vague Triggers

Medium
Confidence
91% confidence
Finding
The default_prompt is generic and broadly phrased, which increases the chance the skill will be auto-selected for loosely related product, business, or planning requests. Overbroad routing can cause unintended invocation, exposing user inputs to a skill the user did not explicitly choose and creating opportunities for prompt-scope confusion or data over-sharing.

Vague Triggers

Medium
Confidence
95% confidence
Finding
Enabling allow_implicit_invocation without tight activation constraints permits the platform to invoke this skill automatically based on broad semantic matches. In a skill covering product ideas, validation, prototypes, and positioning, this can lead to frequent unintended activation and unnecessary exposure of sensitive business context or strategic information.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The trigger sentence begins with a very broad phrase ('Help me') tied to a wide business/product domain, which can cause the skill to activate for many ordinary requests that are only loosely related to product validation. Overbroad activation increases the chance of unintended routing, confusing users, and letting this skill intercept prompts better handled by other more specific skills.

VirusTotal

63/63 vendors flagged this skill as clean.
