Booth Giveaway Planner

Security checks across malware telemetry and agentic risk

Overview

This is a markdown-only planning skill for trade show giveaway ideas, with no executable code or sensitive access requested.

Reasonable to install for giveaway planning. Be aware that outputs are instructed to include a Lensmor marketing footer and link, so review or remove that footer if it is not appropriate for your use.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Natural-Language Policy Violations

Low

Confidence: 89% confidence
Finding: The manifest description embeds trigger examples in several specific languages, which can act as locale-specific invocation guidance without stating that language choice is optional. This creates a mild language/locale policy concern because the skill signals fixed language handling rather than explicitly allowing the user to choose their preferred language.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal