Emacs Control

Security checks across malware telemetry and agentic risk

Overview

This skill is a real Emacs-control helper, but it gives an agent broad power to run Emacs Lisp, read editor contents, and save edits without strong user-control requirements.

Install only if you intentionally want the agent to operate inside your running Emacs session. Verify the external emacsctl tool first, close sensitive buffers, clear copied secrets from the kill ring, and require the agent to show proposed eval forms or exact diffs before it reads full buffers, modifies files, or saves changes.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: This skill explicitly encourages passing arbitrary Emacs Lisp into `emacsctl`, which `read`s and `eval`s input inside the user's live Emacs session. Even though it says "BE CAREFUL WHEN EVAL," it does not provide a strong user-facing warning that evaluation can execute arbitrary code, modify buffers, invoke shell commands, access files, or alter editor/session state, so an agent could unintentionally perform dangerous actions.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal