Ads CRM Leads

Security checks across malware telemetry and agentic risk

Overview

This skill is an advice-only CRM lead-routing helper with no executable code, credentials, persistence, or hidden system access.

Reasonable to install for CRM lead scoring, routing, SLA planning, and follow-up cadence. Treat outputs as operational recommendations, avoid sharing unnecessary personal lead details, and review any suggested routing, SLA, or spend-related changes before applying them in real systems.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 94% confidence
Finding: The trigger section is broad enough to match many generic business, marketing, and growth requests, causing the skill to activate outside its narrowly intended CRM lead-management scope. Over-broad invocation can route unrelated user queries into a specialized workflow, producing irrelevant or overconfident guidance and increasing the chance that this skill overrides better-matched skills or controls.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal