Security audit
SMBcrm CRM & Marketing Platform
Security checks across malware telemetry and agentic risk
Overview
This is a documentation-only SMBcrm integration skill whose API, token, workflow, MCP, and agent guidance is disclosed and aligned with its stated CRM automation purpose.
This skill appears safe to install as an advanced CRM automation guide. Before using generated examples in production, review token scopes, use test or sandbox data first, avoid pasting real secrets into prompts unless necessary, and manually approve any CRM writes, payments, public content actions, or long-running automations.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.