Back to skill

Security audit

Client Outreach Automator

Security checks across malware telemetry and agentic risk

Overview

This is a text-only sales outreach drafting skill, with no code or account access, but users should apply outreach law, platform rules, and truthfulness checks before using its templates.

Install only if you want help drafting outreach. Before using the generated messages, verify personalization and any testimonials or performance numbers, use legally sourced contacts, honor opt-out and platform rules, and avoid mass or deceptive outreach.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill operationalizes cold outreach across email, LinkedIn, and phone scripts while omitting any safeguards around consent, lawful basis, platform rules, anti-spam requirements, or reputational harm. This can facilitate spammy or non-compliant campaigns at scale, especially because the skill provides ready-to-use templates and trigger conditions that encourage unsolicited contact.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.