Content Ideas

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only content ideation skill with disclosed web/RSS research, optional local configuration, and optional scheduled note output that fit its stated purpose.

Install if you want an agent to research public trends and draft content ideas. Before enabling cron-like workflows, confirm the schedule and output folder, review any separate rss-reader or social-media skills it uses, and keep secrets or sensitive brand material out of files that may be summarized into external searches.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 89% confidence
Finding: The skill prescribes scheduled tasks that automatically save generated output to local files, but it does not instruct the agent to obtain explicit user consent before creating or modifying files. In agent environments, silent persistence can surprise users, clutter workspaces, overwrite existing notes, or establish ongoing automated behavior the user did not clearly authorize.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal