Ai Intelligent After Sales Service

Security checks across malware telemetry and agentic risk

Overview

This skill is a simple after-sales service description whose customer-data use is purpose-aligned, but users should review the external code and privacy handling before deploying it.

Before installing, inspect the external GitHub repository and Python requirements because they were not included in this artifact. For real customer-service use, confirm authorization to contact customers and define privacy, consent, retention, access, and opt-out practices for survey and feedback data.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 89% confidence
Finding: The skill advertises customer satisfaction surveys and feedback collection/analysis but provides no warning about handling potentially sensitive personal data, retention, consent, or downstream analytics. In an after-sales context, this can lead to privacy non-compliance, unexpected data processing, and unsafe deployment by users who are not informed about customer-data obligations.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal