Envelope Sender
Security checks across malware telemetry and agentic risk
Overview
This skill is a narrowly scoped e-signature helper that sends one user-selected PDF and signer details through an external eSignGlobal CLI.
Install only if you trust eSignGlobal and its CLI with the selected PDF, signer names, signer emails, and your API key. Confirm the exact file and recipients before sending, especially for confidential contracts or regulated documents.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.