Back to skill

Security audit

AI Agent Productivity Tools

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-style productivity setup guide with account-linking cautions, but no hidden automation or malicious behavior was found.

Before installing, treat this as a guide that may lead your agent to install other tools and connect third-party accounts. Confirm each install, OAuth, and API-key step yourself, grant the least permissions needed, and avoid using the JSONL context example for sensitive business or personal data unless you add appropriate permissions, encryption, minimization, and deletion rules.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The guide recommends a local JSONL file as a session store for assistant context, including recent decisions, active projects, and contextual preferences, but provides no warning about sensitive data handling, access controls, retention, or encryption. In a personal assistant context, that store may accumulate confidential business information or personal data, making local disclosure, accidental commits, or insecure endpoint access more likely.

Vague Triggers

Medium
Confidence
87% confidence
Finding
The example trigger phrase "Set up my productivity tools" is broad enough that an agent may invoke this skill for generic setup requests without the user explicitly asking for this specific toolkit. Because the skill claims it can install, configure, and authenticate multiple tools, accidental invocation could lead to unnecessary system changes or prompts for sensitive credentials.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
Stating that the agent will set up essential business tools implies actions involving software installation and account access, but the skill provides no warning about credential handling, access scope, or system modification risks. In a business productivity context, this can expose email, calendar, documents, and local system state to unintended access or unsafe changes.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The claim that the agent handles installation, configuration, and authentication suggests end-to-end control over local software and connected accounts, yet no safeguards or privacy notices accompany that claim. This is especially risky here because the listed tools include Google Workspace access and security-related utilities, so misuse or overbroad execution could affect sensitive business data and system integrity.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.