Back to skill

Security audit

Interview Simulator

Security checks across malware telemetry and agentic risk

Overview

This is a prompt-only mock interview skill with optional resume-based tailoring; the main user risk is oversharing personal information in a resume.

Safe for normal mock interview practice. Before pasting a resume or work history, redact unnecessary contact details, addresses, identifiers, references, and confidential employer or client information; the underlying LLM platform may handle or retain submitted text according to its own policies.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The README explicitly encourages users to upload or paste resumes for targeted interviews, but provides no warning that resumes often contain sensitive personal data such as full name, email, phone number, employment history, and sometimes addresses. In a prompt-based skill intended for arbitrary LLM platforms, this omission can lead users to disclose sensitive data without understanding retention, logging, or third-party handling risks.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.