Security audit
Agentic Email Skill
Security checks across malware telemetry and agentic risk
Overview
This skill appears to be a local email-drafting and PDF-rendering helper with no evidence of hidden sending, credential access, persistence, or network behavior.
Install only if you are comfortable with a local tool that can read user-supplied Markdown/logo files and write PDF, Markdown, or PNG artifacts to paths you choose. Review any generated outreach copy before sending, since the skill drafts emails but does not verify recipients or deliver messages.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.
Static analysis
No suspicious patterns detected.
