Startup Pr Outreach

Security checks across malware telemetry and agentic risk

Overview

This is a markdown-only startup PR planning skill with disclosed draft-file outputs and no evidence of hidden execution, credential use, or data exfiltration.

Install this as a PR planning aid, not as an automation tool. Review generated files before sharing them, avoid putting highly sensitive launch or customer information in drafts unless appropriate for your workspace, and do not grant ad-buying, email-sending, social-posting, crypto, or purchase authority based on this skill alone.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 89% confidence
Finding: The description says to use the skill whenever a founder or marketer needs to pitch reporters, plan a PR campaign, land media coverage, or avoid common PR mistakes, followed by a long list of trigger phrases. Several phrases such as 'product launch', 'PR strategy', and 'get coverage' are broad and lack clear scope constraints, which can cause unintended invocation for general marketing discussions.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal