Back to skill

Security audit

Outreach Scout

Security checks across malware telemetry and agentic risk

Overview

This skill is transparent about outreach scouting, but it can run repeated lead searches and may be configured for direct public posting without strong approval and privacy safeguards.

Install only if you intentionally want an agent to help with public outreach. Keep approval required, set direct-posting platforms to none, review every draft before posting, use narrow platform and keyword targets, respect community rules, and periodically delete or prune the outreach log.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
88% confidence
Finding
The skill description is broad enough to match many ordinary marketing or growth-related requests, which increases the chance of unintended invocation. Because the skill performs external searching and drafts promotional outreach, accidental activation could lead to unsolicited lead generation behavior or privacy-invasive scanning in contexts where the user did not explicitly request outreach.

Vague Triggers

Medium
Confidence
92% confidence
Finding
The trigger phrase 'When asked to scout, find leads, or do outreach' is ambiguous and lacks a precise boundary for activation. Terms like 'find leads' or 'do outreach' can appear in planning, discussion, or analytical contexts, causing the agent to start autonomous prospecting, platform monitoring, or reply drafting without a clearly scoped user instruction.

Vague Triggers

Low
Confidence
87% confidence
Finding
The template leaves platform targeting criteria broadly defined with free-form keywords, hashtags, accounts, and forums, which can cause the agent to monitor and engage overly broad audiences without clear boundaries. In the context of an outreach automation skill that drafts promotional replies and may post directly, this increases the risk of spammy, deceptive, or policy-violating engagement across public platforms.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.