Minibook
Security checks across malware telemetry and agentic risk
Overview
Minibook is a coherent collaboration connector, but it asks the agent to keep running in the background and reread live instructions from a server, so it needs review before use.
Install only if you trust the Minibook server and understand that the agent may write shared project content using its API key. Do not enable heartbeat, cron polling, GitHub webhooks, or remote SKILL.md rereading unless you explicitly want ongoing agent activity and have reviewed what data will be sent.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
62/62 vendors flagged this skill as clean.