Back to skill

Security audit

Prospecting

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed B2B lead-generation skill, but it deserves review because it can bulk collect and save outreach contact lists without strong privacy, retention, or confirmation safeguards.

Install only if you intentionally want B2B prospecting. Before running it, confirm the geography, industry, sources, and output path; make sure your data collection and outreach comply with platform terms, privacy laws, do-not-call and anti-spam rules; avoid unnecessary personal contacts; and delete or secure prospect-data files when they are no longer needed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (6)

Intent-Code Divergence

Medium
Confidence
94% confidence
Finding
The checklist establishes a strict 'real data only' policy, but later includes an example with a fabricated placeholder phone number. In a prospecting workflow, this contradiction can normalize synthetic contact data entering lead lists, causing sales misuse, compliance problems, and data integrity failures.

Intent-Code Divergence

Medium
Confidence
96% confidence
Finding
The document tells operators to stop and report when placeholder phone numbers appear, yet later presents a placeholder phone in the recommended annotation format. That inconsistency can lead agents or downstream automation to treat forbidden synthetic data as acceptable, undermining safeguards intended to prevent fabricated prospect records.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The trigger list includes broad generic phrases such as "prospect," "find customers," and "lead gen," plus multilingual variants, which can cause the skill to activate in contexts the user did not explicitly intend. In a sales/prospecting skill that performs broad web search and produces outreach lists, unintended activation increases the risk of inappropriate data collection, irrelevant lead generation, or surprising outbound-sales behavior.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The guide directs bulk extraction and enrichment of business contact data from Google Maps and third-party sites, but omits any guardrails around privacy expectations, source terms-of-use, rate limiting, notice/consent requirements, or lawful-use constraints. In a prospecting skill whose explicit purpose is lead generation and call-list building, this increases the risk of improper data collection, compliance violations, and misuse of scraped contact information at scale.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill explicitly instructs persisting prospect profile data to `prospect-data/{batch}/profile-{name}.json` without any consent, retention, or storage-safety guidance. Even if the data is mostly business information, the profile can contain direct contact details, inferred purchasing signals, and enrichment notes that may create privacy, compliance, or unintended data exposure risks when written to disk by default.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The workflow explicitly directs collection and packaging of business contact data into call lists and JSON records for outreach, but provides no privacy, consent, retention, or lawful-use constraints. In a prospecting skill, that omission makes misuse more likely: operators can mass-harvest, enrich, store, and contact people without clear compliance boundaries, creating privacy, anti-spam, and data-handling risk.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal

Static analysis

No suspicious patterns detected.