Review Analyzer

Security checks across malware telemetry and agentic risk

Overview

This skill is a plain-text review-analysis playbook with no executable code, hidden behavior, or unusual permissions.

Installers should be comfortable sharing the review corpus they ask the agent to analyze. Use the built-in de-identification guidance before sharing quotes externally, especially if reviews contain names, order details, or other personal information.

SkillSpector

By NVIDIA

Vulnerability Patterns

Output HandlingUnvalidated Output Injection, Cross-Context Output, Unbounded Output
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Unbounded Output

Medium

Category: Output Handling
Content: 6. **Route to product vs listing copy.** Tag every theme PRODUCT, COPY, or BOTH. Ask: "Would the buyer still be unhappy if the page had set the right expectation?" If yes, it's PRODUCT. If the item is fine but the page oversold or under-informed, it's COPY. Many sizing and accuracy issues are BOTH — fix the chart now (copy) while you tweak the pattern next run (product). 7. **Output the report and track.** Fill the output template: overview, aspect sentiment table, ranked pain points, feature requests, and a prioritized action list split into product fixes and copy edits with owners and expected impact. Set a re-run date (e.g., 60-90 days post-change) and record the baseline so improvement is measurable. ## Example 1
Confidence: 80% confidence
Finding: Fill the output

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal