Static Site Cloner

Security checks across malware telemetry and agentic risk

Overview

This skill is an instruction-only helper for recreating static website layouts, with expected web-fetching and copyright-use cautions but no hidden code or privileged behavior.

Install only if you are comfortable with the agent fetching public pages you name and using them as visual/layout references. Use it for sites you own or are authorized to analyze, avoid login-gated/private/payment/account pages, and review generated output to remove protected text, logos, trademarks, and content you do not own.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 96% confidence
Finding: The trigger phrases are overly broad and map to common, ordinary user language such as 'copy a web page' or 'recreate a website,' which can cause the skill to activate in situations where the user did not explicitly request this specialized behavior. In this skill's context, unintended activation is more dangerous because the behavior is website cloning, which can facilitate copyright infringement, impersonation, or phishing-style reproduction of legitimate sites if invoked too readily.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal