Client Onboarding Checklist

Security checks across malware telemetry and agentic risk

Overview

This skill is a document-template helper for IT client onboarding, with sensitive access topics mentioned only as checklist items.

Install is reasonable if you want onboarding templates. Review outputs before sending or saving them, avoid pasting passwords or raw secrets into the agent, and use a password manager or secure sharing process for any admin-access transfer.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The skill explicitly requests and processes sensitive contact details and indicates that login credentials and admin access may be transferred, but it does not provide a strong upfront privacy and secure-handling warning. In practice, users may paste secrets or personal data into the chat or store them via associated tools, increasing the risk of credential leakage, improper retention, or accidental disclosure.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal