Generate Med Spa Studio Client Education Handout
Security checks across malware telemetry and agentic risk
Overview
This handout-writing skill appears non-malicious, but it asks for broad shell and file-reading access that is not explained by the writing workflow.
Review before installing. The content goal is reasonable, but prefer a version that removes Bash and limits Read to user-selected source files. If you use it, do not grant broad local access unnecessarily, and have medical, treatment, or advertising claims checked by a qualified reviewer before sending the handout to clients.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
63/63 vendors flagged this skill as clean.