Back to skill

Security audit

Generate Property Management Company Client Education Handout

Security checks across malware telemetry and agentic risk

Overview

This appears to be a normal handout-writing skill, but it requests broad local Read and Bash authority that is not explained by its document-generation purpose.

Review before installing. The skill content itself looks like a benign prompt for creating a client education handout, but consider limiting or disabling Bash and broad Read access unless you intentionally want it to inspect local files or run commands. Verify the publisher and repository before using the README install commands.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.