Agent Dream Journal

Security checks across malware telemetry and agentic risk

Overview

The skill is a small local journal tool that does what it advertises, but its saved reasoning log should be treated as sensitive.

Install only if you are comfortable with reasoning fragments and metadata being saved locally in plaintext. Do not record secrets, private user data, hidden instructions, or sensitive operational details, and delete or protect `agent_dreams.jsonl` when it is no longer needed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 95%
Finding
The tool explicitly persists internal reasoning traces (`thought_chain`) and arbitrary metadata to a local JSONL file without consent, minimization, redaction, or access controls. In an agent context, those fields can contain sensitive prompts, secrets, personal data, or operational context, so storing them in plaintext materially increases the risk of data leakage through local compromise, log collection, backups, or accidental sharing.

VirusTotal

67/67 vendors flagged this skill as clean.
