Product Reverse Analysis

Security checks across malware telemetry and agentic risk

Overview

This is a plain instruction-only skill for analyzing product screenshots and producing a structured report.

Reasonable to install for product or UI screenshot analysis. Before use, redact passwords, API keys, customer data, or confidential business information from screenshots, and expect the agent may create a Markdown report file.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 84% confidence
Finding: The skill instructs writing an MD file without notifying the user that file creation will occur. Hidden persistence or side effects can violate user expectations, create unwanted artifacts, and become a stepping stone for abuse in environments where skills have filesystem access.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal