Recall

Security checks across malware telemetry and agentic risk

Overview

This is a coherent recall helper, but it can search local memory, session state, and workspace notes, so users should use it only where that context is appropriate to surface.

Install only in workspaces where you are comfortable with the agent searching memory files, session state, and notes. Use explicit recall requests, avoid broad topic queries in projects containing secrets or private notes, and review any optional QMD indexing or graph output before using it with sensitive material.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
89% confidence
Finding
The activation criteria are broad enough to trigger on ordinary conversation about past work, which can cause the agent to search session history and notes without sufficiently explicit user intent. In a memory-oriented skill, that creates a meaningful risk of unnecessary exposure of prior-session content or workspace notes that the user did not intend to retrieve in that moment.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The topic-recall mode searches not only dedicated memory files but also 'Any notes in the workspace', yet the skill does not clearly warn that this may surface prior-session or note contents. That omission undermines informed user consent and can lead to accidental disclosure of sensitive material, especially because semantic or keyword search may pull in unexpected excerpts.

VirusTotal

64/64 vendors flagged this skill as clean.
