Programmatic Seo

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only programmatic SEO planning skill with no code execution, credentials, persistence, or broad data access.

Reasonable to install for programmatic SEO strategy work. Before use, check any local product-marketing context file it may read and avoid putting secrets or sensitive internal details there if you do not want them reflected in generated SEO recommendations.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The evaluation explicitly rewards triggering the skill on casual phrasing, but it does not pair that requirement with tight routing boundaries or disambiguation checks. In an agent setting, this can broaden activation conditions and cause the skill to run for loosely related requests, increasing misrouting risk and potentially bypassing more appropriate skills such as technical SEO audit flows.

VirusTotal

41/41 vendors flagged this skill as clean.

View on VirusTotal