Content Writing & Thought Leadership

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only B2B writing aid with no code execution or credential access; its main caution is to review public, legal, and region-specific content before use.

This skill is reasonable to install as a writing and strategy guide. Before publishing generated content, confirm the audience region and tone, verify all claims and statistics, avoid confidential or customer-identifying data unless approved, and use legal or compliance review for fintech, HR, regulatory, or public-company topics.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Natural-Language Policy Violations

Medium

Confidence: 84% confidence
Finding: The skill assigns default writing styles based on geography (e.g., 'India' vs 'US') without requiring explicit user preference or consent. This can steer outputs using demographic proxies, leading to stereotyping, reduced user agency, and potentially inappropriate or exclusionary content recommendations.

Natural-Language Policy Violations

Medium

Confidence: 90% confidence
Finding: The dedicated India and US strategy sections hard-code audience and style assumptions by region, which can cause the agent to apply cultural generalizations even when they do not fit the user's actual market or communication goals. In a content-writing skill, these assumptions directly shape generated messaging, making biased or misaligned outputs more likely.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal