Back to skill

Security audit

Surplus Funds Recovery System

Security checks across malware telemetry and agentic risk

Overview

This skill is not overtly malicious, but it enables sensitive skip-tracing, SMS outreach, e-signatures, and claim filing with insufficient safeguards or disclosure.

Review carefully before installing. Use only with documented legal authority, privacy review, verified claimant authorization, SMS compliance controls, suppression lists, budget limits, audit logging, and manual approval before any skip-tracing, message, e-signature request, or claim filing is sent.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The README explicitly promotes automated skip-tracing and SMS outreach using personal data sources and messaging infrastructure, but it does not provide meaningful warnings, consent requirements, data-handling limits, or jurisdiction-specific compliance guidance. In this context, the skill is not merely informational: it operationalizes collection and use of sensitive personal data to contact potentially vulnerable individuals, increasing the risk of privacy violations, unlawful outreach, and misuse at scale.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill explicitly advertises skip-tracing and SMS outreach but does not warn users that they may be transmitting personal data to third-party providers or contacting real individuals. In this context, the omission is risky because the workflow is built around processing sensitive personal information for commercial outreach, which can trigger privacy, consent, and telecom compliance violations.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The Quick Start provides ready-to-run commands for skip-tracing and SMS campaigns without any gating, warning, or acknowledgment that the actions may contact real people and incur external charges. Because this skill is designed for automated lead generation around foreclosure-related funds, the omission makes immediate misuse more likely and increases the chance of unlawful outreach, privacy breaches, or financially harmful messaging at scale.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The manifest description promises broad automation for finding and monetizing unclaimed government funds but does not define clear activation boundaries, permitted use cases, or operator responsibilities. In a skill involving skip-tracing, SMS outreach, e-signature capture, and claim filing, ambiguous invocation language increases the risk that the agent is used for aggressive contact workflows, unauthorized claim activity, or processing sensitive personal data without adequate controls.

Missing User Warnings

High
Confidence
96% confidence
Finding
The manifest advertises skip-tracing, SMS outreach, e-signature capture, and claim filing while omitting any warning about handling personal data, contacting individuals, and sharing information with third-party services like Intelius, Twilio, and RabbitSign. This is dangerous because users may deploy the skill without understanding privacy, consent, identity-verification, TCPA/telemarketing, and fraud risks, making misuse or unlawful processing substantially more likely.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal

Static analysis

No suspicious patterns detected.