S2 品牌母体业务空间矩阵架构师

Security checks across malware telemetry and agentic risk

Overview

This skill only helps draft a brand business-space planning blueprint and does not include code, installation steps, credentials, or external actions.

Use this as a conceptual planning aid. Avoid entering confidential business data unless you are comfortable sharing it with the agent session, and review any generated blueprint before using it to configure real agents, subscriptions, APIs, or business workflows.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 94% confidence
Finding: The README tells users to invoke the skill with only a brand identifier and vague business goals, without defining clear scope, allowed inputs, or operational boundaries. Overly broad invocation guidance can cause the agent to be applied in unintended contexts, increasing the chance of unsafe planning, overcollection of business data, or downstream misuse if other tools/actions are connected.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal