Back to skill

Security audit

LinkedIn DM

Security checks across malware telemetry and agentic risk

Overview

This skill is transparent about automating LinkedIn outreach, but it uses a logged-in LinkedIn account to send messages, stores contact/message records, and includes explicit automation-detection avoidance guidance.

Install only if you are comfortable letting an agent use your logged-in LinkedIn session to inspect profiles, send reviewed outreach, and store detailed outreach records. Review every message and recipient list before sending, use a private Google Sheet or avoid logging sensitive message bodies, and be aware the anti-detection instructions may put the LinkedIn account at risk.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Description-Behavior Mismatch

Medium
Confidence
80% confidence
Finding
The skill instructs collecting and using extensive LinkedIn profile data from both the sender and recipients beyond the narrow inputs described in the manifest. This broadens personal-data processing and profiling without a clear minimization boundary, creating avoidable privacy risk and increasing the chance of overcollection.

Missing User Warnings

Medium
Confidence
86% confidence
Finding
The skill stores names, roles, profile URLs, message text, and campaign context in a local JSON sidecar without clearly warning the user that personal outreach data will persist on disk. Silent local retention of contact data and message contents increases privacy and data exposure risk, especially on shared or unmanaged systems.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill directs the agent to transmit and store detailed LinkedIn contact data and exact message contents in Google Sheets without an explicit privacy warning or consent checkpoint for third-party storage. This can expose personal data to broader access than the user expects and creates retention/sharing risks outside the core LinkedIn messaging task.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
This workflow performs externally visible, data-affecting actions: it sends LinkedIn DMs and persists outreach data to Google Sheets or a local file, but the file itself does not require an explicit confirmation or warning immediately before these actions. In an automation context, lack of a clear user-facing consent checkpoint increases the risk of unintended messages, privacy issues, and accidental storage of sensitive outreach content.

VirusTotal

56/56 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.