Customer Support Command Center

Security checks across malware telemetry and agentic risk

Overview

This is a legitimate customer-support playbook, but it gives an agent broad customer, billing, retention, and privacy-operation authority without enough approval boundaries.

Install only with scoped support permissions and a draft/review workflow. Require human approval before sending customer-facing messages, issuing refunds or credits, changing plans, making discounts or retention offers, locking accounts, or fulfilling privacy export/deletion requests. Use approved privacy and billing systems with logging, role checks, and confirmation steps.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 85% confidence
Finding: The skill instructs the agent to export all customer data and delete PII for GDPR/privacy requests, but only adds a brief identity-verification note and omits stronger safeguards such as authorization checks, approval requirements, audit logging, scope minimization, and explicit warnings about irreversible or highly sensitive actions. In a support-operations skill, these directions could be operationalized too literally by an agent, leading to unauthorized data disclosure or destructive deletion based on spoofed, mistaken, or incomplete requests.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal