Content Ideas Generator

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only content outlining skill whose URL fetching and local file saving are disclosed and fit its stated purpose.

Install is reasonable for a content workflow. Only provide URLs and source material you want analyzed, avoid private or internal links, and remember the generated markdown file may contain direct quotes or summaries from your input. Review any outlines before publishing because the style instructions favor strong, absolute language.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The skill instructs saving generated output to disk without warning that the source material may contain sensitive personal, proprietary, or copyrighted content. This creates a data handling risk because extracted quotes, notes, or summaries derived from confidential input may be persisted locally longer than the user expects.

Missing User Warnings

Medium

Confidence: 96% confidence
Finding: The skill permits fetching arbitrary user-supplied URLs without any privacy or network-use notice. This can expose the agent environment's network behavior to untrusted destinations and may retrieve private, tracking, or internal resources if not separately constrained by the runtime.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal