Security audit

潜在意向筛选虾

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed sales-lead filtering skill, but users should be careful with private-message data and Feishu exports.

Install this only if you intend to analyze authorized comments or message data for sales leads. Confirm the Feishu destination before exporting, minimize personal fields, and do not process private messages unless you have clear permission and a compliant workflow.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (3)

Vague Triggers

Medium

Confidence: 94% confidence
Finding: The trigger conditions are very broad and include many common sales/marketing phrases, which can cause the skill to activate in contexts the user did not explicitly intend. In this skill, unintended activation is risky because the workflow processes comments, private messages, and potential lead data, increasing the chance of unnecessary profiling or disclosure of prospect information.

Missing User Warnings

Medium

Confidence: 97% confidence
Finding: The skill explicitly supports pushing identified leads to Feishu messaging or tables, but it does not require a clear user warning or consent checkpoint before transmitting potentially sensitive lead data to external systems. Because the data may come from public comments, posts, or private messages, silent export can create privacy, compliance, and unauthorized-sharing risks.

Vague Triggers

Medium

Confidence: 93% confidence
Finding: The keyword list uses broad, common shopping phrases like asking for price, links, recommendations, or where to buy, which can match ordinary consumer conversation without strong constraints on consent, source, or context. In this skill, those matches are explicitly used to identify and route 'high-intent' leads from comments, posts, and private messages to sales teams, increasing the risk of inappropriate profiling, over-collection, and misuse of user communications.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.