Persona Customer Support

Security checks across malware telemetry and agentic risk

Overview

This is a coherent customer-support skill, but it can access customer email and update shared business tools without clear approval or data-handling limits.

Install only for a support account where the agent is allowed to access customer email and update shared Workspace records. Before use, configure least-privilege access, confirm the support label, target sheet, Chat space, and calendar, and require human review before sending customer-facing messages, posting escalations, or creating follow-up events.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 87%
Finding
The skill instructs the agent to triage customer email, convert emails into tasks, append ticket data to sheets, escalate issues in chat, and schedule follow-ups without any guidance to minimize, classify, redact, or obtain approval for handling sensitive customer data. In a customer support persona, emails commonly contain PII, account details, incident data, or other confidential information, so silently propagating that content across multiple external tools increases the chance of over-collection, unauthorized disclosure, and privacy/compliance violations.

VirusTotal

63/63 vendors flagged this skill as clean.
