Back to skill

Security audit

Meeting Agenda

Security checks across malware telemetry and agentic risk

Overview

This skill is a local meeting-agenda helper with some rough, under-documented task-tracking behavior, but no evidence of exfiltration, credential access, destructive actions, or hidden execution.

Before installing, understand that the main agenda template behavior is local and low-risk, but the included task-tracking script can save entered text on disk and some commands may report changes that were not actually persisted. Avoid entering sensitive meeting details unless local storage is acceptable.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Intent-Code Divergence

Medium
Confidence
93% confidence
Finding
Several commands that imply state changes, including done, priority, remind, and clear, only print success-style messages and append audit entries without modifying the underlying task database. This creates deceptive behavior: users or downstream agents may believe tasks were completed, reprioritized, reminded, or cleared when the persisted agenda state remains unchanged, leading to integrity and workflow failures.

Vague Triggers

Medium
Confidence
87% confidence
Finding
The trigger text includes broad terms like 'meeting agenda' plus multilingual generic keywords related to meetings, agendas, standups, and minutes without clear activation boundaries. This can cause the skill to activate in situations where the user did not explicitly request it, increasing the chance of unintended instruction injection, context hijacking, or workflow confusion in a larger agent system.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.