Norman: Invoice Overdue Reminders

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: it helps review overdue invoices and send reminders only after the user approves each one.

Install only if you intend to connect the Norman Finance MCP and allow the agent to view invoice, client, and transaction data. Before approving any send, review the recipient, amount, due date, reminder tone, and legal or customer-relationship implications, especially for formal Mahnung workflows outside Germany.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium (87% confidence)

Finding: The skill description and trigger wording are broad enough that it may be invoked for general finance or invoice questions, not just intentional reminder workflows. In this context, unintended invocation is risky because the skill can enumerate overdue invoices and proceed toward contacting clients, which could expose sensitive billing data or pressure users into an inappropriate dunning flow.

Natural-Language Policy Violations

Medium (80% confidence)

Finding: The skill embeds Germany-specific legal framing around Mahnungen without clearly limiting the skill to German entities or asking the user to confirm jurisdiction. This can mislead users in other locales into relying on incorrect legal assumptions, creating compliance, customer-relations, or legal-process errors during collections activity.

VirusTotal

64/64 vendors flagged this skill as clean.