Security audit

Customer Research

Security checks across malware telemetry and agentic risk

Overview

This is a sales customer-research skill that searches public sources and creates local reports and PPT decks. Its activation wording is broad, but no hidden data theft, destructive behavior, or credential use was found.

Install only if you want an assistant to research customers and competitors from public sources and create local sales deliverables. Confirm the exact customer, whether competitor/procurement intelligence is in scope, the output location, and any recipient/channel before files are sent.

SkillSpector (by NVIDIA)

Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers
Severity: Medium
Confidence: 95%
Finding
The trigger condition "any new customer name appearing for the first time" is overly broad and can cause the skill to activate during ordinary conversation without clear user intent. In a sales-research skill, that increases the chance of unintended web research, document generation, or downstream actions being initiated on entities merely mentioned in passing.

Vague Triggers
Severity: Medium
Confidence: 84%
Finding
The manifest description is malformed and overly broad, so it does not clearly constrain when the skill should be invoked or what operations it is authorized to perform. In an agent ecosystem, ambiguous activation scope can cause the skill to be selected in inappropriate contexts, increasing the chance of unintended data handling, misuse of dependent capabilities, or policy bypass through confusion about purpose.

Natural-Language Policy Violations
Severity: Low
Confidence: 77%
Finding
The garbled/unreadable text prevents reviewers and routing logic from understanding the skill’s intended behavior, which weakens transparency and informed consent for activation. While this is not direct code execution risk, it can hide scope, create localization/policy mismatches, and make other risky behavior harder to detect during review.

Vague Triggers
Severity: Medium
Confidence: 92%
Finding
The routing triggers are broad enough that ordinary research requests such as market research, procurement history, or industry competitor questions could activate this module without clear user consent. In this context, that can cause the agent to collect and infer sensitive business intelligence, procurement history, and decision-maker information beyond the user's intended scope, increasing privacy, compliance, and data-minimization risk.
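The two classes of finding above (triggers that fire on incidental mentions, and a description too garbled to define scope) are the kind of thing a reviewer can pre-screen mechanically before installing a skill. The following is an added example, not SkillSpector's code and not the audited skill's manifest: it assumes a manifest is a dict with "name", "description" and "triggers" keys (a hypothetical layout), and the keyword lists are heuristics chosen for illustration. The sample manifests at the bottom are constructed.

```python
"""Heuristic pre-install checks for agent-skill manifests.

Added example. The manifest layout (dict with 'name', 'description',
'triggers') is an assumption for this example, not a real registry format.
"""
import re
import unicodedata

# Wording that makes a trigger fire on an incidental mention of an entity
# rather than on an explicit request. Heuristic list, chosen for this example.
BROAD_TRIGGER_PATTERNS = [
    r"\bany\b.*\b(name|entity|company|customer)\b",
    r"\bfirst time\b",
    r"\bwhenever\b",
    r"\bmention(s|ed)?\b",
    r"\bappear(s|ing)?\b",
]

# Wording that ties activation to a deliberate user request; if present,
# a trigger is not reported as broad even when a broad pattern also matches.
INTENT_MARKERS = [
    r"\buser asks\b",
    r"\buser requests\b",
    r"\bexplicitly\b",
    r"\bon request\b",
]


def trigger_is_broad(trigger: str) -> bool:
    """True when the trigger can activate on passing mentions with no request."""
    t = trigger.lower()
    broad = any(re.search(p, t) for p in BROAD_TRIGGER_PATTERNS)
    explicit = any(re.search(p, t) for p in INTENT_MARKERS)
    return broad and not explicit


def description_is_unreadable(text: str, min_len: int = 20,
                              max_junk_ratio: float = 0.15) -> bool:
    """Flag a description that is too short to state scope, or whose text is
    dominated by U+FFFD replacement characters, control characters or common
    UTF-8-as-Latin-1 mojibake sequences (the 'garbled text' case)."""
    if len(text.strip()) < min_len:
        return True
    junk = 0
    for ch in text:
        # Category 'C*' covers control/format/unassigned code points.
        if ch == "\ufffd" or (unicodedata.category(ch).startswith("C")
                              and ch not in "\n\t"):
            junk += 1
    # Each mojibake marker is a two-character artefact; weight it accordingly.
    junk += 2 * len(re.findall(r"Ã.|â€", text))
    return junk / max(len(text), 1) > max_junk_ratio


def audit_manifest(manifest: dict) -> list:
    """Return (category, detail) pairs using the audit's own category names."""
    findings = []
    if description_is_unreadable(manifest.get("description", "")):
        findings.append(("Natural-Language Policy Violations",
                         "description is malformed or unreadable"))
    for trig in manifest.get("triggers", []):
        if trigger_is_broad(trig):
            findings.append(("Vague Triggers",
                             f"trigger activates on incidental mentions: {trig!r}"))
    return findings


# Constructed sample manifests; neither is the audited skill's real manifest.
BROAD_MANIFEST = {
    "name": "customer-research",
    "description": "Res\ufffd\ufffdarch cust\ufffdmers \ufffd\ufffd",
    "triggers": [
        "any new customer name appearing for the first time",
        "whenever the user mentions a competitor",
    ],
}
TIGHT_MANIFEST = {
    "name": "customer-research",
    "description": ("Builds a sales account brief from public sources when "
                    "the user explicitly asks for research on a named customer."),
    "triggers": [
        "when the user explicitly asks for a research brief on any named company",
    ],
}

if __name__ == "__main__":
    for m in (BROAD_MANIFEST, TIGHT_MANIFEST):
        print(m["name"], audit_manifest(m) or "no findings")
```

The intent-marker override matters: the tight manifest's trigger contains "any named company", which the broad-phrase list would otherwise flag, but the explicit-request wording is what a router should key on. Keyword heuristics only catch the obvious cases; they are a gate before human review of the manifest, not a replacement for it.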

VirusTotal

VirusTotal findings are pending for this skill version.

Static analysis

No suspicious patterns detected.