Pitch Amplifier

Security checks across malware telemetry and agentic risk

Overview

This skill does its stated pitch-planning job, but it can send reporting clues and local graph context to an external LLM using existing API keys without disclosing that in the skill instructions.

Review before installing if your reporting clues, source names, allegations, or local city graph are sensitive. Unset OPENAI_API_KEY and GLM_API_KEY to use the offline fallback behavior, and verify the referenced local city-knowledge-graph project before running the script.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The skill sends raw user-provided text to an external LLM service for entity extraction without any visible disclosure, consent, or data-minimization step. Because users may enter sensitive reporting leads, names, allegations, or unpublished newsroom context, this creates a real confidentiality and privacy risk through third-party transmission.

Missing User Warnings

Medium

Confidence: 96% confidence
Finding: The skill transmits graph-derived context from a local city knowledge graph to an external LLM when generating the final pitch. That local graph may contain proprietary, unpublished, or sensitive institutional relationships, so exfiltrating enriched internal context to a third party can leak substantially more than the original user prompt.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal