Founder Content

Security checks across malware telemetry and agentic risk

Overview

This is a content-writing guidance skill with some broad defaults, but it does not show hidden execution, credential use, automatic posting, or data exfiltration.

Before installing, confirm the target platform, audience, and language when requesting content. Review generated posts carefully, especially when using commit history, PRs, release notes, customer stories, or unreleased product details as source material.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

High
Confidence: 97%
Finding
The manifest description contains very broad activation phrases such as "write a post," "create content," and "any content creation request," which can cause the skill to trigger on a wide range of unrelated user requests. This creates overreach risk: the agent may invoke this skill when the user did not explicitly ask for it, causing unintended data use, prompt hijacking of task flow, or inappropriate platform-specific behavior to be applied automatically.

Natural-Language Policy Violations

Medium
Confidence: 89%
Finding
The skill sets platform language defaults, including making 小红书 Chinese-primary, without stating that the user must confirm or override these preferences. If auto-applied, this can lead to outputs in an unintended language or format, which is a consent and usability problem and may cause miscommunication or accidental disclosure to the wrong audience.

VirusTotal

No VirusTotal findings
