Security audit

Post-Purchase Flow

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only ecommerce workflow skill, but it includes review-gating guidance and under-scoped customer data practices that users should review carefully.

Install only after reviewing the marketing and privacy guidance. Do not implement negative-review interception as written; give all reviewers an equal public submission path while separately offering support. Require documented consent for SMS and marketing messages, honor unsubscribe/STOP requests, minimize customer data, avoid raw order or customer IDs in URLs, and use explicit rights terms before collecting or reusing customer-generated content.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (9)

Missing User Warnings

Medium (87% confidence)
Finding
The skill advises exporting automations, pulling performance metrics, and using customer engagement and order data, but it does not warn about handling personal data, data minimization, access controls, or compliance obligations. In this context, users may be encouraged to process order history, behavioral data, and support data without safeguards, increasing privacy and compliance risk.

Missing User Warnings

Medium (95% confidence)
Finding
The skill recommends SMS for post-purchase updates without clearly requiring prior consent, opt-out handling, and compliance with laws such as TCPA or similar regional rules. Because SMS is a regulated channel, omission of compliance guardrails could lead users to implement unlawful messaging practices.

Natural-Language Policy Violations

High (96% confidence)
Finding
Telling users to route negative reviews to support before public posting can facilitate review gating or selective suppression of unfavorable feedback. In a commerce skill, this is especially risky because it can distort consumer trust, violate platform rules and FTC principles, and expose the business to regulatory and reputational harm.

Natural-Language Policy Violations

High (94% confidence)
Finding
The explicit endorsement of 'negative review interception' reinforces a non-neutral moderation pattern and normalizes potentially deceptive review practices. In the context of a skill intended to operationalize post-purchase flows, examples are likely to be copied directly, making the problematic guidance more dangerous than a vague statement.

Missing User Warnings

Medium (93% confidence)
Finding
The guide gives operational SMS and email marketing timing recommendations, including promotional and marketing SMS windows, but does not state that these sends require prior consent, clear opt-out handling, and compliance with applicable laws and carrier/platform rules. In a post-purchase workflow skill, this omission can cause an agent to implement unlawful messaging practices at scale, especially because the document reads like authoritative execution guidance.

Missing User Warnings

Medium (93% confidence)
Finding
The template instructs users to collect and integrate shipping events, customer purchase history, engagement data, SMS delivery, and tracking data without any accompanying privacy, consent, retention, or regulatory safeguards. In a post-purchase marketing context, this can normalize noncompliant personal-data processing under GDPR/CCPA/TCPA or similar laws, leading to unauthorized messaging, excessive tracking, or overcollection of customer data.

Missing User Warnings

Medium (90% confidence)
Finding
The workflow explicitly routes 1-3 star reviews to support before public posting, but the template provides no warning that this may constitute deceptive review gating or moderation if not handled transparently and in compliance with platform rules and consumer-protection law. In practice, this can suppress negative feedback, distort public ratings, and expose the business to regulatory, platform, and reputational consequences.

Natural-Language Policy Violations

Medium (94% confidence)
Finding
The checklist explicitly recommends intercepting low ratings and routing them to support before allowing public posting, which can enable review gating and distort the authenticity of published reviews. In a post-purchase marketing/CRM skill, this is more dangerous because it is framed as a best-practice workflow and could be implemented at scale, creating regulatory, platform-policy, and consumer-trust risk.

Missing User Warnings

Medium (97% confidence)
Finding
The guide recommends welcoming customers by name via order ID or customer ID in URL parameters, which can expose identifiers through browser history, server logs, analytics tools, referrer headers, screenshots, and link sharing. In a post-purchase flow context, these identifiers are directly tied to real customer orders, making the privacy risk concrete rather than hypothetical.

VirusTotal

65/65 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.