LinkedIn Profile Optimizer

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a text-only LinkedIn profile rewriting helper, with the main risk being that users may paste personal or business-sensitive profile details.

Before installing or using it, avoid pasting confidential employer information, private metrics, contact details, or anything you would not want processed by an AI assistant. Share only the profile sections needed for rewriting, and redact sensitive names or numbers when they are not essential.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The skill explicitly asks users to paste detailed LinkedIn profile content, including employment history, positioning goals, and featured content, but provides no warning about privacy, data minimization, or redaction of sensitive information. This creates a real privacy risk because users may disclose personal or proprietary professional data unnecessarily, especially when interacting through third-party AI platforms with unknown retention or sharing practices.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal