Andara Meeting Minutes

Security checks across malware telemetry and agentic risk

Overview

The skill is purpose-aligned, but it would save potentially sensitive meeting content into PostgreSQL using broad triggers and under-specified database write controls.

Review before installing. Use only with a dedicated least-privilege PostgreSQL role and an approved database, add a confirmation step before writes, and avoid storing sensitive meeting content unless your retention and access policies allow it.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 87% confidence
Finding: The trigger phrase "save meeting" is broad enough that normal conversation or quoted text could activate the skill unintentionally, causing sensitive meeting notes to be parsed and stored without clear user intent. In a skill that writes directly to PostgreSQL, ambiguous activation increases the risk of accidental data persistence and privacy violations.

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The skill explicitly stores user-provided meeting content in PostgreSQL but provides no safeguards around consent, data minimization, sensitivity handling, or safe query construction. Because meeting summaries can contain confidential business information and the examples interpolate user-derived fields into SQL strings, this creates both privacy exposure and potential injection risk if implemented literally.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal