MBB Strategist

Security checks across malware telemetry and agentic risk

Overview

This appears to be a markdown-only business strategy assistant with no evidence of code execution, data access, persistence, or hidden behavior.

Safe to install for business strategy and consulting-style analysis. Users should treat its output as advisory, verify business facts and assumptions, and be aware it may activate on broad business questions where a narrower skill could be preferable.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 90% confidence
Finding: The manifest description is broad enough to activate on a wide range of generic business requests, which can cause this skill to be selected in contexts beyond its intended scope. Over-broad routing increases the chance that users receive consultant-style guidance when they expected narrower domain behavior, and it can overshadow more appropriate skills or create prompt-scope confusion.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal