USA Business Migration Planner

Security checks across malware telemetry and agentic risk

Overview

This appears to be a text-only workflow skill with clean malware telemetry, but its activation wording is much too broad and may trigger when users did not intend it.

Install only if you want this workflow helper available broadly. Be aware that its generic trigger language may cause accidental activation on unrelated requests; prefer explicit invocation and review outputs for relevance before acting on them.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (11)

Vague Triggers

Medium

Confidence: 92% confidence
Finding: The trigger phrases are broad natural-language requests that could cause the skill to activate in contexts far beyond its intended niche. In an agent system, overbroad activation increases the chance of prompt/skill hijacking, unintended invocation, or routing user requests into a workflow that was not explicitly requested.

Vague Triggers

High

Confidence: 93% confidence
Finding: The trigger phrases are extremely broad and composed of common help-seeking language, which can cause the skill to activate on ordinary user requests unrelated to its intended domain. In an agent system, overbroad activation expands the skill’s influence surface, increasing the chance of unintended routing, prompt/context contamination, and execution of an irrelevant workflow.

Vague Triggers

High

Confidence: 95% confidence
Finding: The skill description is extremely broad and includes generic operational phrases like 'practical workflow, artifact, checklist, analysis, or implementation support,' which can match many unrelated user requests. This creates a high risk of unintended invocation, causing the agent to apply irrelevant instructions or override more appropriate skills in unrelated contexts.

Vague Triggers

High

Confidence: 98% confidence
Finding: The trigger keywords include very common words such as 'option,' 'menu,' 'links,' and 'displayed,' which are likely to appear in many benign conversations. Such generic triggers can cause accidental activation across unrelated tasks, leading to prompt-routing errors and unexpected behavior.

Vague Triggers

Medium

Confidence: 90% confidence
Finding: The example trigger sentences model activation on vague, repetitive phrasing rather than well-scoped user intent, reinforcing loose routing behavior. This makes the skill more likely to be invoked from ambiguous requests and increases the chance of misapplication, though the examples are somewhat less dangerous than the keyword list itself.

Vague Triggers

Medium

Confidence: 95% confidence
Finding: The trigger keywords include highly generic terms such as "option," "menu," "links," and "displayed," which are common in ordinary user conversations and unrelated tasks. This creates a real risk of unintended skill activation, causing the agent to inject irrelevant business-migration workflow behavior into benign requests and potentially override more appropriate skills or normal handling.

Vague Triggers

Medium

Confidence: 93% confidence
Finding: The example trigger phrases are broad natural-language requests like "Help me" and "I need a practical workflow," combined with generic requirement text. Because these resemble normal conversational prompts, they can encourage overmatching in routing systems and make accidental activation substantially more likely.

Vague Triggers

Medium

Confidence: 89% confidence
Finding: The default prompt uses broad, everyday-language phrasing such as 'help me' and a generic business workflow description, which can cause the skill to be selected for loosely related user requests. In combination with a vague problem statement, this increases the risk of unintended invocation, causing the agent to route users into this skill when they did not explicitly request it.

Vague Triggers

Medium

Confidence: 94% confidence
Finding: Enabling implicit invocation without a tightly bounded activation description allows the platform to auto-select this skill based on broad semantic similarity rather than explicit user intent. Because the skill metadata describes a wide operational/business domain with unclear boundaries, this can lead to overbroad routing, unexpected behavior, or accidental use in contexts outside the intended scope.

Vague Triggers

Medium

Confidence: 95% confidence
Finding: The trigger sentence is extremely broad and phrased like ordinary user language, which can cause the skill to activate in unrelated conversations. Unintended invocation can route users into the wrong workflow, increasing the chance of misleading outputs, context hijacking, or accidental execution of a business-process skill when not requested.

Vague Triggers

Medium

Confidence: 97% confidence
Finding: The activation section defines vague keywords and ambiguous invocation wording such as common terms like 'option', 'menu', 'links', and 'displayed', which are likely to appear in many benign conversations. In this skill context, the mismatch between the skill's title and these generic triggers makes accidental activation more likely and can cause the agent to apply irrelevant instructions or expose users to confusing workflow redirection.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal