Contract Renewal & Expiration Manager

Security checks across malware telemetry and agentic risk

Overview

This is a checklist-style contract renewal workflow with no executable code, but users should store contract records in restricted company-approved systems.

Safe to install as a manual workflow. Use restricted, company-approved storage with role-based access, avoid broadly shared folders for contracts, and have legal/procurement stakeholders review renewal decisions and outbound notices before sending.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 91% confidence
Finding: The skill directs users to store all contracts in a single accessible location such as a shared drive or workspace, but provides no guidance on access controls, encryption, retention, or least-privilege handling. Contracts commonly contain sensitive commercial, legal, pricing, and personal data, so encouraging centralized storage without security guardrails increases the risk of unauthorized access or oversharing.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal