Focus Tracker

Security checks across malware telemetry and agentic risk

Overview

This instruction-only skill stores short project focus notes in local workspace files, which matches its stated purpose and shows no hidden code, network access, or credential use.

Install this only if you want the agent to keep resumable project state in FOCUS.md and FOCUS-LOG.md. Review those files in shared or sensitive repositories, and avoid storing secrets, credentials, or confidential details in them.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 89% confidence
Finding: The skill's trigger conditions are extremely broad, including every session start, after compaction, and whenever the agent feels it may have lost context. That can cause the skill to activate without clear user intent and steer agent behavior toward persistent state management even in conversations where writing or reading workspace files is unnecessary or unexpected.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The skill instructs the agent to create, update, archive, and clear persistent workspace files like FOCUS.md and FOCUS-LOG.md, but it does not require explicit user notice or consent before those writes occur. This creates a risk of silent persistence of user activity, project context, or sensitive information across sessions in a way the user may not expect.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal