Client Outreach Automator

Security checks across malware telemetry and agentic risk

Overview

This is a one-file drafting skill for sales outreach; it does not request system access or send messages on its own.

Install only if you want help drafting sales outreach. Before using generated messages, verify claims and social proof, avoid deceptive personalization, use only lawfully obtained contact data, include required opt-out or unsubscribe language where applicable, and follow email, LinkedIn, telemarketing, and do-not-call rules.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 87% confidence
Finding: The skill operationalizes personalized cold outreach, LinkedIn follow-ups, and cold-call scripts while encouraging the use of business-specific details and pain points, but provides no guardrails around lawful data collection, consent, anti-spam compliance, or privacy-preserving personalization. This increases the likelihood that users will use scraped or inferred personal/business data for unsolicited contact, creating compliance, privacy, and reputational risk even though the content is framed as normal sales enablement.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal