快速笔记

Security checks across malware telemetry and agentic risk

Overview

This is a simple local note-taking skill with disclosed JSON storage, but users should avoid putting secrets in it because the notes are not encrypted.

Install only if you are comfortable with notes being saved locally as plaintext JSON. Do not store passwords, tokens, private financial details, or other secrets unless you add stronger storage protections, and confirm note content before saving when using voice or broad activation phrases.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 89% confidence
Finding: The activation phrases "记一下 / 笔记 / 记个事" are common conversational terms, so the skill may trigger during ordinary speech and capture content the user did not intend to store. In a note-taking skill, accidental activation is particularly risky because it can persist sensitive spoken content to disk without clear user intent.

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The documentation claims local JSON persistence is "private and reliable" but does not warn that notes are stored in plaintext on disk alongside the skill files. Users may therefore record sensitive information under a false sense of privacy, and any local user, backup process, malware, or filesystem exposure could reveal those notes.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal