Back to skill

Security audit

Social Media Management

Security checks across malware telemetry and agentic risk

Overview

This is a content strategy skill, not an automation or access-granting skill, but users should apply privacy and email-marketing compliance before using its lead-generation advice.

Install only if you want a broad B2B content-writing playbook. Before acting on its survey, customer-story, email, or gated-download suggestions, make sure customer data is anonymized or permissioned, confidential information is excluded, and email/privacy obligations such as consent, unsubscribe handling, suppression lists, and regional laws are reviewed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The skill explicitly recommends using product data, customer interviews, and gated report downloads to generate content and capture emails, but it does not consistently require anonymization standards, documented consent, lawful basis, or region-specific privacy compliance. In a content-writing skill, that omission can normalize secondary use of customer data for marketing without adequate safeguards, creating privacy, contractual, and regulatory exposure.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The guidance recommends distributing surveys to a 'bought list' of sales leaders without warning about consent, anti-spam, data broker legality, or regional privacy and marketing laws. That can directly lead users to conduct unlawful or non-compliant outreach, especially under GDPR, CAN-SPAM, PECR, or similar regimes, and may also create reputational and contractual risk.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.