Back to skill

Security audit

Saved Markdown

Security checks across malware telemetry and agentic risk

Overview

This skill is mostly a clear public publishing helper, but it also instructs agents to keep a local publishing log with deletion phrases, which users should review before installing.

Install only if you are comfortable with selected content being published to a public saved.md URL. Before publishing sensitive material or resumes, ask for an interactive draft review. Also decide whether you want the agent to store publishing history and deletion phrases in entries.json; if not, instruct it not to log them or to clear that file after use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill is explicitly designed to publish user-provided content to a public, shareable URL, but the description does not clearly warn that publication is public, anonymous, and potentially irreversible from a privacy perspective. In an agent setting, this increases the risk that sensitive user data, internal notes, credentials, or proprietary content could be exposed if the tool is invoked without an explicit visibility confirmation.

Vague Triggers

Medium
Confidence
92% confidence
Finding
The template's invocation criteria are broad enough to match routine requests like 'summary,' 'analysis,' or 'status update' that may not actually imply intent to publish to saved.md. In this skill, that creates a scope-selection risk: the agent may invoke a publishing-oriented skill for ordinary drafting tasks, increasing the chance of unintended public exposure of user content.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The template explicitly instructs users to publish personal contact details such as email, phone, and location in a public, shareable resume page, but provides no privacy warning or safer alternatives. In the context of a publishing skill that returns a public URL, this can lead to unintended exposure of personally identifiable information, increasing spam, phishing, doxxing, and social-engineering risk.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.