Cold Outreach Sequence

Security checks across malware telemetry and agentic risk

Overview

This is a text-only guide for writing personalized LinkedIn and email outreach, with no code, credentials, automation, or hidden behavior.

Safe to install as a writing and planning guide. Before using it, make sure outreach is lawful and respectful: use appropriate professional information, avoid sensitive personal data, honor opt-outs, follow LinkedIn/email platform rules, and review every message before sending.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 91% confidence
Finding: The skill explicitly instructs users to research individuals via LinkedIn activity, company news, websites, and podcasts to personalize unsolicited outreach, but it provides no warning about privacy expectations, consent boundaries, anti-spam rules, or platform terms. In context, this can normalize invasive profiling and policy-violating contact practices, increasing the chance of misuse for spam, harassment, or non-compliant personal-data processing.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal