Back to skill

Security audit

PhantomBuster

Security checks across malware telemetry and agentic risk

Overview

The skill appears to be a disclosed PhantomBuster integration, with one scoping concern around being invoked too broadly but no evidence of hidden, destructive, or malicious behavior.

Install this if you want an agent to help with PhantomBuster workflows. Before using it for launches, stops, or other account-changing actions, make sure your agent asks for explicit confirmation and that the PhantomBuster credentials or connector permissions are limited to the account and work you intend.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence
92% confidence
Finding
The description and repeated instruction to use this skill for ANY PhantomBuster request are overly broad, which can cause the agent to invoke the skill whenever PhantomBuster is merely mentioned rather than when its use is clearly intended. That increases the chance of unnecessary connector access and, in mixed-context conversations, could lead to unintended reads or queued actions if the agent over-prioritizes this skill.

VirusTotal

56/56 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.