Blog Watcher

Security checks across malware telemetry and agentic risk

Overview

This skill is a simple blog/RSS update checker whose network access matches its stated purpose, with no evidence of hidden persistence, credential access, or destructive behavior.

Install only if you want the agent to fetch blog, RSS, or website URLs on your behalf. Avoid adding private, localhost, intranet, or sensitive URLs unless you are comfortable with the agent requesting and parsing them from your environment.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 92% confidence
Finding: The activation phrases are generic enough that ordinary requests like '网站更新' or '追踪博客' could unintentionally trigger the skill. This can cause the agent to perform network monitoring behavior when the user did not explicitly intend to invoke this capability, increasing the chance of unintended external requests and confusing or privacy-impacting behavior.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The skill performs external network requests via RSS parsing and direct HTTP GETs, but the description does not warn users that URLs will be fetched from remote sites. Without a clear user-facing notice, users may unknowingly cause outbound requests to third-party servers, which can expose metadata, trigger access to sensitive/internal URLs if user-supplied, or violate expected trust boundaries.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal