Back to skill

Security audit

Tmp.DfsncALeFl

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed OurFamilyWizard integration with sensitive read/write access, but the behavior is purpose-aligned and not hidden.

Install only if you are comfortable giving the MCP access to your OFW account and storing credentials locally. Use explicit OFW requests, review messages or records before any write action, and be aware that reading notifications or unread messages may update OFW state and synced data may remain in a local cache.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence
89% confidence
Finding
The trigger description is overly broad because it activates on a wide catch-all for any request involving co-parenting messages, calendar events, expenses, or journal entries. In a high-sensitivity domain containing legal and personal family data, broad routing increases the chance the skill is invoked for ambiguous requests and unnecessarily exposes private OFW data or enables write-capable actions when the user did not explicitly intend to access OFW.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.