Offer Naming Magic Formula

Security checks across malware telemetry and agentic risk

Overview

This is a text-only marketing naming guide with no executable code, credential access, persistence, or hidden system behavior.

Reasonable to install as a low-risk copywriting aid. Before publishing generated names or promotions, verify that discounts, scarcity, timelines, and outcome claims are real, substantiated, and allowed by the relevant ad platform and laws.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: The skill explicitly promotes scarcity, discount framing, and A/B testing of names to improve conversion, and it links to additional urgency tactics, but it does not provide a clear warning against deceptive claims or manufactured scarcity. Although there is one limited compliance note about outcome-plus-time claims, the broader guidance could still encourage users to create misleading promotions or noncompliant ads, especially when it suggests changing wrappers and promotional enhancers without changing the underlying offer.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal