Competitor Offer Monitor

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed advisory playbook for competitor pricing and conversion analysis, with no executable code or hidden access.

Reasonable to install as an advisory skill. Verify internal causes such as site incidents, tracking changes, stockouts, payment failures, and traffic mix before changing prices, and involve business or legal owners for binding pricing or MAP decisions.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 89% confidence
Finding: The trigger guidance is unusually broad and includes generic symptoms such as 'CVR tanked this week' or 'ads are fine but nobody buys,' which can cause the skill to activate in situations where competitor pricing is not the real issue. That can steer the agent into unnecessary competitor-analysis workflows, creating misrouting risk and potentially prompting inappropriate pricing or promotional advice based on weak evidence.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal