Workcrm
Security checks across malware telemetry and agentic risk
Overview
WorkCRM is a local-only CRM skill that stores drafts and confirmed CRM records in SQLite with no evidence of network access, hidden execution, or unsafe persistence.
Before installing, understand that WorkCRM will keep local CRM data and draft history on disk. This is expected for the skill, but users should choose the DB location deliberately if the records include sensitive business or personal information.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.