Security audit

Brand Intelligence

Security checks across malware telemetry and agentic risk

Overview

This is a coherent read-only brand intelligence plugin that queries geo.sig.ai, with privacy considerations but no evidence of hidden, destructive, or unrelated behavior.

Install only if you are comfortable with agents sending brand names, company lists, comparison targets, watchlists, and capability queries to geo.sig.ai or the configured API endpoint. Avoid using it for confidential strategy or undisclosed watchlists unless your organization approves that external service, and keep any optional API key private.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium (87% confidence)

The trigger guidance is broader than necessary because it activates not only for explicit brand-brief requests, but also whenever a company is merely mentioned and background context might help. That can cause the agent to invoke the skill unnecessarily, leading to over-collection of external data, irrelevant tool usage, or response shaping the user did not request. In this skill's context, the risk is limited because the tool appears read-only and scoped to company summaries, but the broad trigger still creates avoidable autonomy and data-minimization issues.

Missing User Warnings

Medium (97% confidence)

All nine tools are network-backed and send user-supplied parameters to the external geo.sig.ai service, but the tool descriptions do not clearly disclose that data leaves the local agent environment. In an agent setting, users may provide sensitive company names, watchlists, or strategic queries assuming local processing; undisclosed transmission to a third party creates a privacy and trust risk.

Missing User Warnings

Low (87% confidence)

The plugin consumes an API key from configuration to authenticate outbound requests, but there is no user-facing disclosure that third-party credentials are being used for these operations. This is primarily a transparency and governance issue: users or operators may not realize tool usage incurs authenticated external access and associated logging, billing, or policy implications.

VirusTotal

64/64 vendors flagged this skill as clean.