Back to skill

Security audit

Phy Founder Gtm

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only startup marketing router with broad activation wording but no code, credential access, persistence, or hidden data handling.

Install this only if you want a lightweight router for founder GTM questions. Be aware it may activate on broad marketing or distribution prompts, and review any delegated skills separately before relying on them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence
95% confidence
Finding
The skill description includes broad trigger phrases such as "distribution," "growth tactics," and "general marketing questions," which can match a wide range of ordinary user requests. In a router skill, this increases the chance of accidental invocation, causing misrouting, unnecessary context capture, or interference with more specific skills that should handle the request.

VirusTotal

No VirusTotal findings

View on VirusTotal

Static analysis

No suspicious patterns detected.