Ai Content Generator

Security checks across malware telemetry and agentic risk

Overview

This skill is a small AI-content placeholder with no evidence of hidden access, data theft, persistence, or destructive behavior.

Safe to inspect and run as a local placeholder. Do not provide an OpenAI API key or sensitive prompt content unless a future version clearly implements provider calls, documents what data is sent, and explains how credentials should be supplied.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: This is a markdown file, so SQP-2 applies to omissions in user-facing warnings. The README describes generating content with AI and explicitly requires an OpenAI API key, which strongly implies prompts or content will be sent to a third-party service, but it does not disclose any privacy or data-handling implications to the user.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal