Security audit
Build Smart Lists
Security checks across malware telemetry and agentic risk
Overview
This skill has a legitimate HubSpot list-building purpose, but the included automation can make persistent account changes that do not match the documented list plan.
Install only if you intend to review and possibly edit the Python script before running it. Use a dedicated least-privilege HubSpot token, confirm each list definition against your consent and segmentation rules, and test in a sandbox or verify membership counts before relying on the created lists for campaigns.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.