Back to skill

Security audit

Second Brain: Turn conversations into lasting knowledge

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Ensue-backed personal knowledge-base skill, with expected cloud storage and API-key use for its stated purpose.

Install this only if you want Ensue to store and search your persistent knowledge. Review drafts before saving, avoid secrets or highly sensitive personal details, and keep the Ensue API key scoped to an account you trust for this data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
90% confidence
Finding
The skill invokes a shell wrapper script (`{baseDir}/scripts/ensue-api.sh`) but does not declare permissions for shell execution. This creates a capability/permission mismatch that can bypass expected trust and review boundaries, especially because the script accepts JSON arguments derived from user content and can perform create, update, and delete operations against the knowledge base.

Vague Triggers

Medium
Confidence
79% confidence
Finding
The trigger phrases include very common conversational language such as "remember," "save this," and "what do I know about," which can cause the skill to activate in situations broader than intended. In this skill's context, unintended activation is more dangerous because it can retrieve, store, update, or delete persistent user knowledge, increasing the risk of privacy leaks, unwanted retention, or destructive actions after ambiguous prompts.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.