Daily Briefing Hub

Security checks across malware telemetry and agentic risk

Overview

This is a coherent briefing skill that intentionally gathers sensitive account data, but its behavior is disclosed and aligned with its stated purpose.

Install only if you want an assistant to read the connected accounts you choose for briefings. Use least-privilege account permissions, choose private delivery channels, confirm any recurring cron schedule, and periodically review stored location, feed, channel, and briefing preferences.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 95% confidence
Finding: The skill advertises very broad trigger phrases like "brief me," "what did I miss," and "what's on my plate today," which overlap with common natural-language requests. This can cause the skill to activate unintentionally and aggregate or deliver sensitive data from calendars, email, tasks, and chat channels when the user may have intended a narrower action.

Missing User Warnings

Medium

Confidence: 91% confidence
Finding: The skill explicitly directs the agent to persist user preferences, feed URLs, schedules, channels, and briefing configuration in memory or the workspace without any retention notice, consent checkpoint, or data-minimization guidance. Because this skill consolidates highly sensitive personal and work metadata, silent persistence increases the risk of privacy leaks, over-retention, and unintended reuse across future sessions or automations.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal