Back to skill

Security audit

Lead Discovery

Security checks across malware telemetry and agentic risk

Overview

This lead prospecting skill fits its purpose, but needs review because it can run daily, use external services, collect contact details, and change CRM records without clear approval controls.

Review before installing. Use only for authorized prospecting, with least-privilege Jina, CRM, and Supermemory credentials. Add or require an approval step before CRM writes or outreach tagging, confirm the daily schedule is desired, and define privacy, retention, correction, and deletion rules for collected contact data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill explicitly harvests external company contact details and automatically writes prospect records into a CRM, including next-action fields for outreach, without any user-facing consent, review gate, or privacy warning. This creates a real data-handling and integrity risk because externally collected personal/business contact data may be inaccurate, regulated, or unwanted, and the automation can silently create or modify operational records.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill sends search queries and target company URLs to Jina third-party services but does not warn the user that external data will be transmitted off-platform. This is dangerous because search intent, prospecting targets, and investigated company URLs may be sensitive business intelligence, and undisclosed third-party sharing can violate user expectations, confidentiality requirements, or internal policy.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.