Security audit

Insurance Private Domain Ops

Security checks across malware telemetry and agentic risk

Overview

This is a text-only insurance CRM guidance skill with no executable code, hidden access, or automatic data handling, though users should apply their own privacy and marketing-compliance checks.

Install only if you intend to use it for China insurance customer operations. Before using its scripts or SQL templates with real customers, confirm lawful basis, marketing consent, channel permissions, identity verification, unsubscribe handling, and local insurance/privacy compliance with your organization’s approved CRM and compliance process.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 92% confidence
Finding: The trigger list includes very generic business and CRM phrases such as 'customer segmentation', 'CRM operations', and 'customer lifecycle', which are likely to match unrelated conversations and cause unintended invocation. In this skill, accidental activation is more concerning because the content steers users into regulated insurance-marketing and customer-data handling workflows, increasing the chance of inappropriate advice or data-processing guidance being surfaced in the wrong context.

Missing User Warnings

Medium

Confidence: 91% confidence
Finding: The file provides multi-channel outreach scripts that explicitly reference policy expiration status, coverage gaps, product details, and customer identity placeholders, but it does not include any requirement to verify lawful basis, customer consent, opt-out handling beyond one SMS example, or data-minimization rules. In an insurance retention context, this can lead operators to process and disclose sensitive financial/insurance information through WeCom, SMS, and phone outreach in ways that violate privacy expectations or regulatory requirements.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.