Get笔记筛选整理助手

Security checks across malware telemetry and agentic risk

Overview

This skill is an instruction-only note organization helper that clearly centers on reading and optionally writing to an Obsidian vault, with no hidden executable behavior found.

Install only if you are comfortable letting the agent read the configured Obsidian research vault. Verify the vaultctl npm package before installing it, start with read-only analysis, and require a preview plus explicit approval before creating notes, editing index.md, or enabling any scheduled scan.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 90% confidence
Finding: The trigger phrase “整理一下” is extremely generic and can plausibly appear in normal conversation, which creates a real risk of accidental activation of the batch-scan workflow. In this skill, that workflow may read notes, query the Obsidian vault, and potentially prepare write actions, so unintended invocation can expose private data or kick off unwanted processing.

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The skill explicitly supports writing generated notes into the local Obsidian vault and updating index links, but it does not present a strong consent boundary or a mandatory confirmation before modifying local files. In a note-management context tied to a real filesystem path, this can lead to unintended file creation, overwrites, or structural changes in a personal knowledge base.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal