Toggl

Security checks across malware telemetry and agentic risk

Overview

This Toggl skill is a coherent time-tracking helper, with ordinary credential and account-mutation risks that users should handle carefully.

Install this only if you intend to let the agent manage your Toggl entries. Store the Toggl API token securely, keep the config file permission-restricted, and require clear confirmation before edits, adds, stops, or deletes, especially `toggl rm <id>`.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 92% confidence
Finding: The skill advertises very broad trigger phrases such as "timer," "track time," and "what am I working on," which can match common conversational requests and cause the agent to invoke this skill unexpectedly. Because the skill can perform state-changing actions like starting, editing, or stopping time entries, accidental invocation can lead to unintended modifications to a user's time tracking data.

Missing User Warnings

Medium

Confidence: 87% confidence
Finding: The skill documents a destructive delete command (`toggl rm <id>`) without any warning, confirmation guidance, or safeguards. In an agent setting, exposing deletion as a routine command increases the chance of accidental or ambiguous requests resulting in permanent removal of time entries.

VirusTotal

60/60 vendors flagged this skill as clean.

View on VirusTotal