Content Repurposing Pipeline

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only content repurposing skill that asks for user-provided source material and generates marketing drafts without installing code or requesting privileged access.

Install if you want an agent to turn content you provide into marketing drafts. Avoid submitting secrets, regulated personal data, confidential internal documents, embargoed material, or copyrighted content you are not authorized to reuse.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 89% confidence
Finding: The activation criteria are broad and map to very common marketing-related requests, which can cause the skill to trigger in situations where the user did not explicitly ask for bulk content transformation. That increases the chance of over-collection of user content and unintended generation workflows, especially when paired with requests for URLs, text, or files.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The skill explicitly solicits source content through URL, text, or file input without any guidance on avoiding confidential, proprietary, or personal data. This creates a realistic risk that users will submit sensitive materials for processing, leading to unintended exposure, retention, or downstream reuse of private information.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal