Back to skill

Security audit

Web Design Lead Qualifier

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed public-website research helper that saves local lead reports and uses a bounded fetch script; its main risks are broad triggers and retained local reports.

Install if you are comfortable with the agent fetching public websites, optionally installing Playwright/Chromium, and keeping prospect reports on local disk. Use a private reports directory and delete old reports if prospect contact details or business assessments should not persist.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
83% confidence
Finding
The trigger phrases are broad enough that the skill could activate for generic requests like 'research this company for me' or 'check out a website,' causing unintended web crawling, data collection, and report generation outside the user’s precise intent. In an agent environment, over-broad invocation increases the chance of the skill being selected in contexts involving sensitive targets or where persistent report storage was not expected.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill persistently saves qualification reports containing prospect research, contact details, and business assessments to disk without a clear upfront warning about storage, retention, or local privacy implications. This creates a real confidentiality and compliance risk, especially on shared machines or in environments where users may not realize the data is being retained across sessions.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.