Security audit

Katelynn Lead Gen

Security checks across malware telemetry and agentic risk

Overview

This is a coherent lead-generation skill, but it needs review because it can collect contact details and direct outreach, SMS alerts, and phone routing without clear approval or compliance guardrails.

Install only if you are comfortable with an agent researching prospects and handling business contact data. Before use, require human approval before any email, LinkedIn message, call, SMS, transfer, CRM update, export, or follow-up; use lawful and permitted data sources; honor opt-outs and platform terms; review generated contact records and learned rules; and inspect any external scripts or release files before running them.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (6)

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The README explicitly states the skill returns lead records with names, titles, companies, and contact information, then supports exporting that data, but it provides no privacy, lawful-basis, consent, or acceptable-use guidance. In a lead-generation context this can normalize bulk collection and processing of personal data for outreach, increasing the risk of privacy-law violations, misuse of scraped data, and harmful unsolicited contact.

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: The README instructs users to search LinkedIn, Crunchbase, and job boards for prospects without warning that queries and retrieved profile data may be sent to third-party services and may be governed by those services' terms and privacy restrictions. Because this skill is specifically designed for prospecting and outreach, the omission materially increases the chance of unauthorized data harvesting, terms-of-service violations, and downstream privacy harm at scale.

Vague Triggers

Medium

Confidence: 87% confidence
Finding: The trigger conditions are very broad and include common sales-assistance phrases, which increases the chance the skill is invoked when a user only wanted research, drafting help, or general advice. In this skill, over-triggering is riskier than usual because invocation can lead into collection of contact data and guidance for outreach, calling, SMS routing, and follow-up workflows.

Missing User Warnings

High

Confidence: 95% confidence
Finding: The skill explicitly supports outreach, warm-transfer, SMS alerts, and automated follow-up using prospect contact details, but it does not require a clear user-facing warning or consent checkpoint before handling personal/business contact data or initiating external communications. That creates privacy, compliance, and misuse risks, especially because the skill is designed to operationalize contact with real people across multiple channels.

Vague Triggers

Medium

Confidence: 89% confidence
Finding: The manifest uses broad, highly permissive activation language such as general prospecting and outreach requests without clear boundaries or consent constraints. This increases the chance the skill is invoked in situations the user did not explicitly intend, leading to unsolicited web research, lead collection, and outreach generation using powerful tools.

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The manifest advertises lead generation and outreach but does not clearly warn users that the skill may perform external web research and use shell-capable tooling. In a sales context, that omission can cause unexpected collection of third-party data, opaque automation steps, or broader system interaction than the user realizes.

VirusTotal

59/59 vendors flagged this skill as clean.

View on VirusTotal