Security audit

Client Onboarding Automation

Security checks across malware telemetry and agentic risk

Overview

The skill is a coherent onboarding automation, but it handles sensitive client documents and uses email/CRM authority without enough safeguards or user controls.

Review before installing. Use only least-privilege email and CRM credentials, limit it to specific clients or sheets, require human approval before sending messages or writing records, and do not use it for payment data, IDs, healthcare, or insurance records unless your storage, consent, retention, access control, and compliance requirements are explicitly handled.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 93%
Finding
The skill is designed to collect, process, email, and store sensitive client information including contact details, identity documents, contracts, and payment information, but it provides no privacy notice, consent flow, retention limits, or safeguards around storage and transmission. This creates a real risk of improper handling of personal data, especially because the workflow encourages automation across email and spreadsheet-based CRM systems that may be unsuitable for sensitive records.

Missing User Warnings

Medium
Confidence: 95%
Finding
Listing healthcare as a supported use case materially increases risk because the same onboarding flow includes document collection, reminders, email delivery, and spreadsheet/CRM storage without any mention of regulated-data safeguards. In a healthcare context, this could lead to mishandling of protected health information through noncompliant tools or channels, making the omission more dangerous than in a generic business workflow.

VirusTotal

64/64 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.