Customer Service Reply

Security checks across malware telemetry and agentic risk

Overview

The skill appears to use local files for its own records and history, with privacy considerations but no evidence of exfiltration, deception, privilege escalation, or destructive behavior.

Before installing, assume anything you add through the skill and possibly command arguments may be saved in local files. Avoid entering secrets or regulated personal data unless you are comfortable with local retention, and check whether the skill provides a way to view, delete, or rotate its stored records and history.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 89% confidence
Finding: The script writes command activity to a persistent history log without any user-facing disclosure or consent. In an agent/skill context, command arguments may contain sensitive customer data, identifiers, or operational details, causing unintended local retention and later exposure to other local users, backups, or forensic review.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The add command appends arbitrary user-supplied content directly into a persistent data file without warning that the information will be stored. In a customer-service-related setting, users may enter personal, confidential, or regulated data, and silent persistence increases privacy, compliance, and unintended disclosure risks.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal