my-mind Manager

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward local writing and file-organization helper, with disclosed filesystem effects and no evidence of hidden data theft, persistence, or destructive behavior.

Install only if you want an agent to manage a local my-mind writing workspace. Prefer using the slash command or explicit "my-mind" wording, and ask the agent to preview paths and changes before creating folders, moving or cleaning files, publishing articles, or committing code.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Vague Triggers

Medium
Confidence: 92%
Finding
The README advertises very generic natural-language triggers such as '有个想法' ("I have an idea"), '创作' ("create"), and '帮我写篇文章' ("help me write an article"), which can easily appear in ordinary conversation unrelated to this skill. In systems that auto-load skills based on description or examples, this can cause unintended activation and downstream file-management behavior without the user explicitly selecting this skill.

Vague Triggers

Medium
Confidence: 90%
Finding
The auto-recognition description says CatPaw will load the skill when user instructions 'hit' the description, but it does not define strict trigger boundaries. This ambiguity increases the chance of accidental activation, especially because the skill includes filesystem-affecting operations like directory initialization and content management.

Missing User Warnings

Medium
Confidence: 94%
Finding
The README promises automatic creation of directory structures and file-management actions such as organizing, moving, cleaning, and publishing, but it does not warn users about filesystem side effects or require confirmation. In an agent environment, this can lead to unintended creation, modification, or relocation of user content if the skill is triggered accidentally or interpreted too broadly.

Vague Triggers

Medium
Confidence: 94%
Finding
The trigger phrases include broad, everyday language such as references to writing, organizing, and managing notes, which can cause the skill to activate when the user did not explicitly intend to use it. In an agent setting, accidental activation can lead to unintended file creation, directory initialization, content moves, or commits affecting the user's workspace.

Vague Triggers

Medium
Confidence: 88%
Finding
The activation flow descriptions are ambiguous and do not define strict boundaries for when the skill should act versus merely discuss an action. Phrases like '写文章' ("write an article") or '创作' ("create") are common conversational intents, so the agent may enter operational mode and create or move files without a sufficiently explicit user request.

VirusTotal

66/66 vendors flagged this skill as clean.
