E-commerce AI Toolkit Pro

Security checks across malware telemetry and agentic risk

Overview

This is a prompt-only e-commerce toolkit with no executable code, but it includes a review-request template that encourages incentivized positive reviews.

Install only if you are prepared to edit or avoid the review-incentive template. Use the other templates normally, but for reviews ask only for honest, unbiased feedback and never condition gifts, coupons, discounts, or other benefits on ratings or reviews.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Intent-Code Divergence

Medium

Confidence: 96% confidence
Finding: The review-request template explicitly suggests requesting a positive review while offering a small gift or coupon as an incentive. On major e-commerce platforms, tying rewards to favorable reviews can violate marketplace integrity rules and may lead users to generate policy-violating outreach at scale. The surrounding caution to follow platform rules does not neutralize the risk because the concrete template still operationalizes the prohibited behavior.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal