Callrail

Security checks across malware telemetry and agentic risk

Overview

The skill appears to perform real business record changes and send text messages, but its instructions do not clearly require user confirmation before those actions.

Review this skill carefully before installing. Use it only with accounts where you are comfortable letting an agent create or update business records and send SMS messages, and require explicit confirmation for each create, update, or send action until the skill documents stronger safeguards.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: The skill advertises state-changing capabilities like creating companies, updating records, and sending text messages without any caution about user confirmation, scope checking, or side effects. In an agent setting, this increases the risk of unintended writes or outbound communications being performed too easily, especially if a user request is ambiguous or the agent acts optimistically.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal