Dashboard

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only dashboard setup guide with no code, credential access, or hidden execution behavior.

This skill is reasonable to install as a dashboard setup checklist. When using it, keep dashboard data ingestion and any knowledge-base updates limited to approved business data, avoid storing personal or confidential information unnecessarily, and follow applicable privacy and platform rules.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 93% confidence
Finding: The skill description says it should be used whenever dashboard-building work is performed, but it does not define clear entry criteria, exclusions, or approval boundaries. Overly broad invocation scope can cause the agent to apply the skill in inappropriate contexts, increasing the chance of mishandling business data, giving irrelevant operational guidance, or bypassing more specific controls for analytics and compliance-sensitive tasks.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal