interview-pro

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only interview preparation skill that appears safe, with the main caution being privacy when sharing resumes or interview details.

Use this as an interactive interview coach, but redact unnecessary sensitive details from resumes and notes, such as home address, ID numbers, compensation records, and confidential employer information. Review any companion skills before installing them because they may have separate permissions or behavior.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: This skill processes resumes, interview feedback, company names, role history, and likely other personally identifiable or sensitive career data, but it provides no warning or handling guidance. That increases the chance users will submit excessive sensitive information, which can create privacy exposure, unnecessary retention, or propagation of personal data into downstream integrated skills and generated reports.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal