Free Tool Strategy

Security checks across malware telemetry and agentic risk

Overview

The skill appears to be a strategy guide for free-tool marketing, with only a minor risk that its broad trigger wording may activate too often.

Install only if you want the agent to advise on free-tool or lead-generation strategy. If it activates during unrelated product or calculator discussions, disable it or tighten the trigger wording.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 86% confidence
Finding: The invocation text is unusually broad and includes many generic phrases such as 'calculator,' 'generator,' 'interactive tool,' and 'should I build a free tool,' which can cause the agent to route ordinary product or growth conversations into this skill. Misrouting is dangerous because it can suppress more appropriate domain-specific guidance and lead the agent to read additional local context files unrelated to the user’s actual intent, increasing prompt-surface and reducing reliability.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal