Back to skill

Security audit

Novel

Security checks across malware telemetry and agentic risk

Overview

This is a local terminal helper that saves what you type into it, and the privacy risk is real but disclosed and not evidence of malware.

Install only if you are comfortable with a local CLI keeping plaintext history under ~/.local/share/novel. Do not type passwords, API keys, confidential manuscript text, or sensitive personal data into it; review or delete that directory when you no longer want the saved history, and treat exported JSON, CSV, or text files as sensitive copies.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Low
Confidence
94% confidence
Finding
The skill states that it performs automatic history and activity logging, but it does not clearly warn users that all actions and inputs may be persisted locally with timestamps. In a terminal workflow, users may enter sensitive draft content, notes, names, or other private material, and silent persistence increases the risk of unintended disclosure to other local users, backups, support bundles, or later exports.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The script persistently stores raw user-provided input in plaintext log files under `~/.local/share/novel` without clearly disclosing that behavior. Users may enter sensitive story notes, credentials, tokens, personal data, or proprietary content, which then remains on disk and can be read later by other local processes, backups, or anyone with access to the account.

Ssd 3

Medium
Confidence
97% confidence
Finding
The tool is designed to collect and retain all inputs across many commands, then makes them easy to retrieve via search/export in plaintext formats. In the context of a terminal skill, this increases the likelihood that secrets, internal notes, or sensitive manuscript content entered casually by the user will be broadly exposed on the local system and through exported files.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.