Security audit

Meeting Prep

Security checks across malware telemetry and agentic risk

Overview

This is a meeting-preparation prompt skill that is coherent and markdown-only, with no executable code or hidden system access.

Use this skill for professional meeting preparation, but keep inputs and research limited to public, relevant business information. Avoid collecting sensitive personal details, private account data, or non-public profile information, and verify important claims before relying on them.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 86% confidence
Finding: The skill explicitly encourages researching attendees, LinkedIn summaries, recent posts, company background, and client/interviewer details, but provides no privacy guardrails, data minimization guidance, or limits on collecting sensitive personal information. In a meeting-prep context this can lead users or downstream agents to gather excessive personal data, perform unbounded external lookups, or include unnecessary profile details that raise privacy, compliance, and reputational risks.

VirusTotal

58/58 vendors flagged this skill as clean.

View on VirusTotal