Apollo.io Enrichment

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Apollo.io enrichment helper, but it can send contact data to Apollo and return personal contact details when used.

Install only if you intend to use Apollo.io for contact or company enrichment. Use an Apollo API key you are comfortable delegating, expect Apollo credits to be consumed, and only submit contacts or bulk files that you are allowed to process and share with Apollo. Be especially deliberate with reveal-email and reveal-phone because they may expose personal contact information.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration

Findings (5)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 90% confidence
Finding: The skill clearly requires environment access for an API key and network access to query Apollo, but it does not declare those permissions. Undeclared capabilities reduce transparency and make it harder for users or the platform to evaluate what the skill can access, which is a security and governance issue even if the behavior is expected for the stated function.

Context-Inappropriate Capability

Medium

Confidence: 98% confidence
Finding: The search command contains hard-coded exclusion logic for specific competitor companies that is unrelated to generic Apollo enrichment functionality. This creates covert, biased behavior in a lead-generation tool and can silently manipulate business outcomes by suppressing results without the user's informed consent.

Vague Triggers

Medium

Confidence: 81% confidence
Finding: The description is broad enough that an orchestrator may invoke this skill for many ordinary company/contact lookup requests without clear user intent for external enrichment. In context, this is more dangerous because the skill can retrieve personal emails and phone numbers, causing unnecessary third-party data disclosure and over-collection.

Vague Triggers

Medium

Confidence: 83% confidence
Finding: The example prompts are generic and likely to trigger the skill on broad requests that could otherwise be answered without calling a third-party enrichment service. Because the skill can reveal personal contact data, imprecise prompts increase the risk of unintended retrieval and exposure of sensitive personal information.

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The skill advertises options to reveal personal email and phone data but does not prominently warn users that it may retrieve and expose sensitive personal contact information. In a lead-enrichment context, this materially increases privacy and compliance risk because users may invoke the capability without understanding that personal data will be obtained from a third party.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal