Joplin

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only Joplin CLI helper whose note access, editing, deletion, and sync behavior is disclosed and aligned with its purpose.

Install only if you want an agent to operate your local Joplin CLI. Confirm note IDs before edits or deletion, be careful with WebDAV passwords, and sync only to a server you trust.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence: 84%
Finding
The skill description is broad enough to match many ordinary note-related requests, which can cause the agent to invoke this skill in situations where the user did not explicitly intend Joplin CLI access. Because the skill supports read, edit, delete, import/export, and sync operations, over-broad triggering increases the chance of unintended access to sensitive notes or destructive note changes.

VirusTotal

66/66 vendors flagged this skill as clean.
