Event Planner Pro

Security checks across malware telemetry and agentic risk

Overview

This is a text-only event-planning skill with no executable behavior, but users should be careful with attendee and sponsor data.

Installation is reasonable for event-planning assistance. Before using the registration, sponsor, survey, or attendee-list templates, collect only necessary fields, share attendee or lead data only with explicit opt-in consent, restrict access to printouts and exports, delete copies when no longer needed, and follow applicable privacy laws.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: This skill explicitly encourages collecting, storing, and sharing attendee information such as registration details, surveys, lead lists, buddy matches, and sponsor-provided attendee data, but provides almost no privacy, minimization, retention, or lawful-basis guidance. In an event-planning context, this creates a realistic risk of unauthorized disclosure, noncompliant processing, and privacy-law violations, especially where sponsor lead sharing or attendee list distribution is involved.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal