Pm Review

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent product/design review helper, with the main caution that URLs or screenshots may be processed by external analysis tools.

Use this skill for public pages and non-sensitive mockups without special concern. Before using it on confidential screenshots, unreleased product designs, or internal URLs, confirm that any configured web-reader, web-search, or image-analysis MCP service is trusted and approved for that data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 90%
Finding
The skill advertises very broad trigger phrases such as 页面评审 (page review), 分析截图 (analyze screenshot), 评估设计 (evaluate design), and 界面分析 (interface analysis), which overlap with common user requests and can cause the skill to activate in situations the user did not explicitly intend. Because the skill then prefers external web/image tools, overbroad activation increases the chance of unnecessary processing and disclosure of user-provided URLs, screenshots, or page content to downstream tools.

Missing User Warnings

Medium
Confidence: 97%
Finding
The skill instructs the agent to send URLs, webpage contents, screenshots, and image files to external MCP or search tools, but does not warn the user that these inputs may be transmitted to third-party services. This creates a real privacy and data-governance risk, especially because page screenshots and internal URLs may contain sensitive business, personal, or unreleased product information.

VirusTotal

63/63 vendors flagged this skill as clean.
