Back to skill

Security audit

Lead Scorer

Security checks across malware telemetry and agentic risk

Overview

The skill has a coherent lead-scoring purpose, but it can create a Google Sheet containing lead contact data and make it publicly writable.

Review before installing. Remove the automatic public writer sharing line, use a private pre-created spreadsheet or explicit named-account sharing, and use a dedicated low-privilege Google service account. Confirm that storing lead emails and phone numbers in Google Sheets is acceptable for your workflow.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Description-Behavior Mismatch

High
Confidence
99% confidence
Finding
The skill description says it writes results to a Google Sheet, but the code also creates a new spreadsheet when one is missing and then changes its sharing posture. That hidden side effect materially expands behavior beyond expected output handling and can expose lead data to unintended parties, especially because the created sheet is then made publicly writable.

Context-Inappropriate Capability

Critical
Confidence
100% confidence
Finding
When a spreadsheet is not found, the code creates one and calls spreadsheet.share(None, perm_type="anyone", role="writer"), making it writable by anyone with the link or public access depending on API behavior. This is a severe exposure because the sheet stores business names, URLs, emails, and phone numbers, allowing unauthorized modification, defacement, data poisoning, or disclosure.

Missing User Warnings

High
Confidence
99% confidence
Finding
The code silently creates a Google Sheet and grants public write access without any warning, prompt, or explicit configuration from the user. That makes sensitive lead-tracking data and workflow integrity dependent on an unsafe default that users are unlikely to expect from a scoring skill.

Ssd 3

High
Confidence
100% confidence
Finding
The newly created sheet is made publicly writable even though it is intended to store lead contact data such as emails and phone numbers. This can expose collected data, allow unauthorized edits, and corrupt downstream sales operations through tampering or spam entries.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.