Habit Coach

Security checks across malware telemetry and agentic risk

Overview

This is a local, user-invoked habit tracker that stores habit command history on disk, with privacy cautions but no evidence of exfiltration or hidden behavior.

Install only if you are comfortable with a local habit history file being created inside the skill directory. Avoid entering sensitive health, location, or private routine details unless local retention is acceptable, and consider skipping the unnecessary requests install step unless a future version actually uses it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 87%
Finding:
The skill instructs the agent to run local Python scripts for tracking, review, and planning, which implies file read/write capability, but it does not declare any permissions or data-access boundaries. This can lead to unauthorized access or modification of local habit records and makes the skill's effective privileges opaque to users and the platform.

Missing User Warnings

Medium
Confidence: 92%
Finding:
The tool persists raw user-provided CLI arguments into a local JSON history file without any notice, consent flow, redaction, or retention controls. Because habit-tracking inputs can easily contain sensitive personal, medical, productivity, or mental-health details, this creates a privacy and data-exposure risk if the local machine, repo workspace, backups, or shared environment are accessed by others.

VirusTotal

67/67 vendors flagged this skill as clean.
