Prospect

Security checks across malware telemetry and agentic risk

Overview

This is a text-only prospect prioritization skill with expected business-contact data use and no code execution, credentials, persistence, or autonomous actions.

Install this if you want help prioritizing sales, partnership, or business-development prospects. Avoid entering unnecessary personal data, sensitive attributes, private relationship details, or information you are not allowed to use for marketing or outreach; confirm the skill is being used only for prospect evaluation when a request is ambiguous.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Low

Confidence: 80% confidence
Finding: The skill explicitly invites collection and use of target source, prior context, and relationship information, which can include personal or sensitive prospect data, but it does not give concrete privacy-handling guidance at the point of collection. In a sales/prospecting context this can normalize ingesting personal data without minimization, lawful-basis checks, or restrictions on sensitive attributes, increasing the risk of privacy misuse and noncompliant targeting.

VirusTotal

60/60 vendors flagged this skill as clean.

View on VirusTotal