Flatnotes + Tasks.md GitHub Audit

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent local audit tool that reads task and note files, checks GitHub PR status with the GitHub CLI, and writes audit reports without hidden persistence or destructive behavior.

Before installing or running, confirm TASKS_ROOT and FLATNOTES_ROOT point to directories you intend to audit, check which GitHub account gh is authenticated as, and treat the generated tmp reports as potentially private because they can include task titles, project names, paths, and PR details.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The quick-start example runs `node ... --since-days 30 --write` while describing it as "report-only," which is misleading and can cause users to modify files immediately on first use. In a security-sensitive agent skill, undocumented or under-disclosed write behavior increases the chance of unintended state changes to notes, task boards, or reports without explicit user consent.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal