Back to skill

Security audit

office-automation-pro

Security checks across malware telemetry and agentic risk

Overview

This office automation skill is not malicious, but it gives an agent broad email, report distribution, and sensitive office-data handling authority without enough user-control guardrails.

Install only if you are comfortable giving an agent access to sensitive office files and potentially an email account. Use a limited mailbox or app password, avoid storing SMTP passwords in config files, back up files before batch operations, and require explicit approval before sending emails, distributing reports, or processing HR, finance, customer, or database content.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The skill exposes very broad natural-language invocation examples such as document conversion, scheduling, email sending, and report generation without clear trigger boundaries or confirmation requirements. In an agent environment, vague phrases can cause accidental invocation on ordinary conversation, leading to unintended file processing, email dispatch, or data handling operations.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill advertises bulk email sending and automatic report distribution but does not prominently warn users about privacy, external transmission, recipient verification, or sensitive-data leakage risks. Because this office skill is designed to process HR, finance, sales, and reporting workflows, misuse or accidental triggering could expose confidential documents or personal data to external recipients at scale.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.