Livestream Sales Script

Security checks across malware telemetry and agentic risk

Overview

This is a prompt-only helper for writing livestream sales scripts and does not request code execution, data access, credentials, or persistence.

Install only if you want help drafting persuasive product sales scripts. Review generated claims for accuracy, especially prices, stock limits, certifications, health or safety claims, and social-proof numbers, because the skill itself warns against false advertising but cannot verify product facts.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 86% confidence
Finding: The skill uses very broad trigger phrases such as "livestream script" and "sales pitch" without clear exclusions or routing constraints, which can cause the skill to activate for loosely related requests. Unintended invocation can misroute user tasks into persuasive sales-style output, increasing the chance of inappropriate behavior, poor task handling, or policy misalignment in adjacent contexts.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal