Customer Feedback

Security checks across malware telemetry and agentic risk

Overview

This is an informational customer-feedback skill with no code or system access, but users should apply stronger privacy practices when recording interviews.

Before using this skill for real customer interviews, make sure your team obtains explicit informed consent, explains how recordings or notes will be used, stores them securely, limits access, and deletes or redacts sensitive material according to your organization’s policies and applicable law.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Low

Confidence: 85% confidence
Finding: The skill advises recording customer interviews with only a brief 'with permission' note, but it omits concrete guidance on informed consent, storage limits, access controls, retention, and handling of sensitive personal or business information. In a feedback-collection skill, this can lead users to gather and retain recordings in ways that create privacy, compliance, and trust risks, especially if interviews contain personal data or confidential business details.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal