Prospecting Time Block Planner

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only sales planning skill that creates a local markdown time-block plan, with no evidence of hidden execution, credential use, or data exfiltration.

Before installing, be comfortable sharing quota, calendar constraints, time zones, and distraction details with the agent. Run it in a working directory where creating a prospecting-time-block-plan markdown file is acceptable, and provide only the minimum business context needed.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Low

Confidence: 86% confidence
Finding: The skill explicitly states it will write `prospecting-time-block-plan-{date}.md` into the working directory, but the user-facing guidance does not clearly warn that local files will be created or modified before execution. This can cause unintended filesystem side effects, especially in shared or sensitive working directories, even though the content written is only a planning document and there is no sign of code execution or destructive behavior.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal