CRM-in-a-Box

Security checks across malware telemetry and agentic risk

Overview

This looks like a purpose-aligned local CRM helper, but users should treat the CRM data it handles as sensitive.

Install this only in CRM workspaces you are comfortable letting an agent inspect and modify. Use least-privilege repository access, review write/action steps before they run, avoid putting secrets in CRM files, and ensure search terms or other user-provided values are safely quoted when shell examples are adapted.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Missing User Warnings

Medium
Confidence: 91%
Finding
The README explicitly promotes AI agents that can read, write, and act on CRM data, but it does not warn that CRM repositories typically contain sensitive personal and business information such as contact details, communications, and deal data. This omission can lead users to connect autonomous agents to customer records without understanding privacy, consent, access control, or data leakage risks, increasing the chance of improper handling or disclosure.

VirusTotal

66/66 vendors flagged this skill as clean.
