Back to skill

Security audit

Daily Life Autopilot

Security checks across malware telemetry and agentic risk

Overview

This is a coherent personal-assistant skill, but it asks an agent to proactively read and summarize highly sensitive email, calendar, billing, task, and file data with triggers that are too broad.

Review before installing. Use this only if you are comfortable giving an agent broad access to your email, calendar, billing messages, task data, and selected local files. Before enabling it, restrict accounts and folders where possible, disable or opt in carefully to automatic briefings, and keep sending, archiving, file moves, and billing-related actions confirmation-only.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

High
Confidence
96% confidence
Finding
Triggering on any first message of the day is an overly broad activation condition for a skill with access to email, calendar, billing data, and files. A benign greeting or unrelated conversation could cause the agent to ingest sensitive data and begin proactive processing without a clear, contextual user request, increasing the risk of privacy violations and unintended actions.

Vague Triggers

Medium
Confidence
84% confidence
Finding
Saying the agent recognizes natural language and requires no commands to memorize leaves trigger boundaries undefined, which is risky in a highly privileged skill. Ambiguous invocation increases the chance that ordinary conversation will be interpreted as authorization to access mail, calendar, follow-up, or file-management functions.

Vague Triggers

Medium
Confidence
90% confidence
Finding
Automatically activating 30 minutes before any calendar event can expose meeting context, recent email threads, and relationship data without an explicit request at that moment. In shared-device, notification, or ambient assistant contexts, this could surface sensitive business or personal information at the wrong time or to unintended viewers/listeners.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.