Industry Research Report Skill

Security checks across malware telemetry and agentic risk

Overview

This skill is a transparent industry research report workflow that uses public web searches and PDF generation without requesting credentials, local data access, or persistence.

Install this if you want a structured industry due-diligence report workflow. Expect it to perform multiple web searches and create a PDF; review sources, assumptions, and generated market estimates before relying on it for investment or business decisions.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The skill’s activation description includes broad trigger phrases such as '行业分析', '投资研究', and '尽调报告', which can match many ordinary user requests and cause this skill to load unexpectedly. Unintended activation can steer conversations into unnecessary web searching, structured report generation, and PDF creation, increasing the chance of scope hijacking, tool overuse, or user-intent mismatch.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal