Manufacturing

Security checks across malware telemetry and agentic risk

Overview

This is a simple manufacturing inquiry helper, with the main caution that users may email sensitive product drawings to an outside company.

Before installing or using this skill, verify the manufacturer and email address independently. Only send drawings, CAD files, tolerances, logos, pricing targets, or customer materials that you are authorized to disclose, and use an NDA or approved secure transfer process for confidential or regulated information.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 91%
Finding
The skill instructs users to email product drawings, specifications, and related materials to an external company without any explicit caution that these files may contain proprietary designs, trade secrets, export-controlled data, or customer-confidential information. In a procurement/manufacturing workflow this omission materially increases the risk of unintended disclosure because users are being guided to transmit sensitive technical data outside the platform.

VirusTotal

66/66 vendors flagged this skill as clean.
