Back to skill

Security audit

Tmp Skill

Security checks across malware telemetry and agentic risk

Overview

This sales helper appears purpose-aligned, but needs review because it stores prospect data in plaintext and one script can write outside its intended leads folder when given path-like company names.

Review before installing. Use only if you are comfortable storing prospect and customer information in local plaintext files, and do not use company names containing slashes, '..', or path-like text unless the filename handling is fixed. Treat any CRM sync as a third-party data transfer and use approved tools, minimal fields, and least-privilege credentials.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill explicitly instructs users to collect and store personal contact data such as names, emails, phone numbers, LinkedIn URLs, job titles, and meeting notes, but provides no privacy notice, retention guidance, access controls, or handling requirements. In a sales/CRM context this is real risk because the workflow encourages accumulation of prospect PII and business-contact data that could be mishandled, over-retained, or processed without appropriate consent or legal basis.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill recommends syncing lead and pipeline data to HubSpot, Salesforce, and Notion APIs and also promotes outreach automation, but it does not warn that prospect/customer information may be transmitted to third-party services with separate security, privacy, and compliance implications. This can expose users to unintended data sharing, policy violations, or regulatory issues if they sync PII without understanding where it is sent or how those platforms process it.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The script writes personally identifiable information, including contact names and email addresses, into persistent plaintext files under the user's home directory without any notice, consent prompt, retention controls, or protection measures. In a sales/CRM skill this is sensitive business and personal data, so silent local storage increases the risk of accidental disclosure through backups, shared accounts, endpoint compromise, or unintended repository sync.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.