Back to skill

Security audit

Pans Linkedin Outreach

Security checks across malware telemetry and agentic risk

Overview

This is a local helper for drafting LinkedIn outreach messages, with no evidence of hidden access, automatic posting, credential use, or persistence.

Install this if you want a local drafting aid for LinkedIn sales outreach. Review generated messages before sending them, avoid entering sensitive personal or business details unless needed, and invoke it deliberately because its broad trigger terms may match some general LinkedIn or outreach discussions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
89% confidence
Finding
The trigger phrases are broad enough to match ordinary LinkedIn-related user requests without clearly defining when this skill should activate. That can cause unintended routing or over-application of sales-outreach behavior in contexts where the user did not explicitly ask for prospecting content, increasing the risk of prompt/scope confusion and inappropriate automated messaging.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The repeated trigger section again uses ambiguous, generic phrases like 'InMail' and 'connection request' without contextual qualifiers. Repeating broad triggers increases the chance of accidental invocation across benign LinkedIn discussions, which can misdirect the agent into generating unsolicited outreach content or mishandling user intent.

VirusTotal

67/67 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.