Back to skill

Security audit

Algernon Interview

Security checks across malware telemetry and agentic risk

Overview

This is a coherent mock-interview skill, but it can save interview results locally and optionally export them to Notion if configured.

Install only if you are comfortable with the skill reading your OpenAlgernon study database, writing a short interview summary under OpenAlgernon memory, and appending the full report to Notion when NOTION_CLI and NOTION_PAGE_ID are configured. Leave NOTION_PAGE_ID unset if you do not want external export.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (5)

Description-Behavior Mismatch

Medium
Confidence
93% confidence
Finding
The skill's stated purpose is a mock interview, but it also persists interview results to external and local stores without making that data handling central or clearly disclosed. This creates an unexpected data-retention pathway for potentially sensitive user responses, scores, and study topics, increasing privacy and compliance risk.

Context-Inappropriate Capability

Medium
Confidence
91% confidence
Finding
The optional Notion export sends interview content to an external service that is not necessary for core interview functionality and is not clearly justified by the skill description. Exfiltrating interview answers and evaluations to a third-party platform can expose sensitive personal or professional information if users are unaware or the destination is misconfigured.

Vague Triggers

Medium
Confidence
82% confidence
Finding
The broad natural-language triggers increase the chance that the skill activates when a user did not intend to start this specific workflow. Because the skill can later persist data to memory files or Notion, accidental activation can lead to unexpected collection and storage of user content.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill can upload the full interview report to Notion without any user-facing warning in the description or interview flow. Users may disclose sensitive career history, technical knowledge gaps, or proprietary examples during the interview, and sending that content externally without transparent notice creates a meaningful privacy risk.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill writes session summaries, scores, and focus topics to a local memory file without informing the user. Even local persistence can create sensitive records about a user's performance or interests, which may later be accessed by other tools, users on the system, or future agent behaviors.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.