Back to skill

Security audit

B2b Saas Landing Page

Security checks across malware telemetry and agentic risk

Overview

This is a text-only B2B SaaS landing-page copywriting skill with no code execution, credential access, persistence, or hidden system behavior.

Safe to install for B2B landing-page copy and CRO assistance. Review any generated recommendations involving analytics, heatmaps, forms, or tracking tools for your own privacy, consent, and compliance requirements before implementing them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence
94% confidence
Finding
The trigger list is broad enough to activate on many common writing and marketing requests, which can cause the skill to be invoked outside a narrowly scoped landing-page context. Over-broad routing increases the chance of unintended context capture, user confusion, and inappropriate automation decisions, especially in systems that auto-select skills based on keyword matches.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.