Back to skill

Security audit

Lead Nurture

Security checks across malware telemetry and agentic risk

Overview

This skill generates marketing follow-up sequences and CRM-ready templates; it does not run code or access accounts, but users should review consent and compliance before using its outputs.

Safe to install as a planning/generation skill. Before importing its output into a CRM or messaging platform, confirm recipient consent, honor unsubscribe or STOP requests, avoid sensitive personal data in prompts and exports, and have a human review any live email/SMS automation settings.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The skill is explicitly designed to generate automated email/SMS nurture sequences, engagement scoring, contact tagging, and CRM exports, but it does not warn users that using the output can affect customer data, trigger outreach workflows, or create compliance/privacy obligations. In a messaging and CRM context, missing disclosure increases the risk of unsafe automation, unintended bulk outreach, and mishandling of personal data or consent-sensitive communications.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.