AI Brand Analyzer

Security checks across malware telemetry and agentic risk

Overview

This skill appears to do what it says: it uses Gemini and Google Search to create brand profile JSON files, with disclosed save options.

Install only if you are comfortable using a Gemini API key and sending brand-analysis prompts to Google/Gemini. Use stdout or a deliberate output path for review, and be careful with --auto-save or --output because they can create or overwrite JSON files where the agent has write permission.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (5)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 92% confidence
Finding: The skill advertises shell commands that read an API key from the environment and write generated brand profiles to disk, yet it declares no permissions. This creates a capability/expectation mismatch that can bypass user awareness and platform policy checks, especially because outputs may be persisted into shared workflow directories for later reuse.

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The description says to use the skill when the user wants brand analysis, brand profile creation, or brand data for ad generation, which is broad enough to match many ordinary conversations involving brands. Overbroad routing can trigger external search/API calls and persistence actions without a sufficiently explicit user request, causing unintended data transmission or file creation.

Vague Triggers

Medium

Confidence: 95% confidence
Finding: The listed trigger condition includes cases where the user merely mentions a brand that does not yet have a profile, which is too ambiguous to justify invoking research and storage workflows. In this context, the skill performs Google-grounded analysis and can auto-save results, so accidental activation materially increases the chance of unauthorized external requests and unintended persistence.

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The skill states that it uses Gemini Flash with Google Search grounding and can store profiles for reuse, but it does not present a user-facing warning that brand queries will be sent to external services or that results may be written to disk. This lack of notice undermines informed consent and can expose sensitive client or campaign-related brand research to third parties or shared local storage.

Missing User Warnings

Low

Confidence: 89% confidence
Finding: The script sends the user-supplied brand name and generated research queries to Google's Gemini API with Google Search enabled, which causes external network disclosure of user input and derived queries. This is a real privacy/data-handling issue, even if expected for the feature, because there is no explicit consent notice or control at the call site and users may provide sensitive/internal brand names.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal