Security audit

ProposalKit

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed document-generation skill that creates proposal package files, with manageable risks around broad activation and reviewing business content before use.

Install this if you want an agent to produce proposal-package files. Before sending anything to a client or investor, review pricing, timelines, payment terms, IP/legal language, client names, and any claims about capabilities or past results.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (3)

Vague Triggers

High

Confidence: 95% confidence
Finding: The trigger criteria are extremely broad and include common business phrases like 'help me win this deal,' 'I need to pitch,' and 'client deliverable,' which can cause the skill to activate in many ordinary conversations that are not explicit requests to generate proposal files. In an agent environment, overbroad activation increases the chance of unintended file generation, irrelevant context capture, and surprising autonomous behavior without clear user consent.

Missing User Warnings

Medium

Confidence: 91% confidence
Finding: The skill directs the agent to save four files into persistent user storage and present them, but it does not require a user-facing disclosure or confirmation before creating artifacts. This can lead to unexpected writes, clutter, and privacy or trust issues if sensitive client information is materialized into files the user did not clearly ask to create.

Natural-Language Policy Violations

Medium

Confidence: 84% confidence
Finding: Automatically forcing output into the detected user language without confirmation can produce documents in an unintended language, especially in multilingual conversations or when the user is discussing a client in another locale. This creates integrity and usability risks because the generated proposal package may be unsuitable for the intended recipient while still being presented as ready to send.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.