Back to skill

Security audit

Ai Cgo

Security checks across malware telemetry and agentic risk

Overview

This is a growth-strategy advice skill with no executable code, but users should be deliberate about letting it store business metrics or lessons for reuse.

Install only if you want a growth-advisory skill that may ask for and remember business metrics during use. Before approving any knowledge-base or router-signal update, review it for proprietary numbers, customer details, strategy, or internal benchmarks and keep sensitive details out unless you intentionally want them retained.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Vague Triggers

Medium
Confidence
94% confidence
Finding
The skill metadata includes broad Chinese trigger phrases such as '增长策略', '增长瓶颈', and '怎么用AI赚钱' that map to common business discussion rather than narrowly scoped requests. This can cause accidental invocation in unrelated conversations, increasing the chance that the skill captures context it should not process and overrides more appropriate routing.

Vague Triggers

Medium
Confidence
96% confidence
Finding
The router rules rely on generic phrases like 'build', 'design', 'optimize', 'fix', and 'what should we do', which are highly ambiguous across many non-growth tasks. In an agent ecosystem, this can misroute user requests into this skill, leading to unintended handling of user data and execution logic under the wrong capability boundary.

Vague Triggers

Medium
Confidence
93% confidence
Finding
The routing phrases are broad, generic terms like "build," "optimize," and "what should we do," which are likely to match many ordinary requests outside the intended growth-strategy scope. In an agent-routing context, this can misclassify user intent, send requests to an overly powerful or irrelevant skill, and cause unsafe or misleading downstream actions.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The fallback rule for "Mix of multiple signals" routes to Diagnoser with a lower threshold but does not define what qualifies as a mix or how conflicts are resolved. This ambiguity can be exploited by crafting prompts with loosely related keywords to force routing into a default path, increasing the chance of incorrect analysis or unintended agent behavior.

Ssd 3

Medium
Confidence
97% confidence
Finding
The skill instructs persistent session memory, execution logging, assumption tracking, and satisfaction recording across turns, including business metrics like budget, CAC, and LTV. Retaining this conversationally supplied business data without minimization, consent, or access controls creates a material risk of sensitive commercial information being stored and later exposed through prompts, logs, or downstream tools.

Ssd 3

Medium
Confidence
98% confidence
Finding
The optimization protocol directs the agent to extract user conversation content and write it into persistent knowledge files such as kb.md and router-signals.md. Even with a note about confirmation, the design normalizes transforming sensitive business discussions into reusable artifacts, which can leak proprietary strategy, industry benchmarks, failure modes, or internal operational details across sessions or users.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.