Local Deep Research

Security checks across malware telemetry and agentic risk

Overview

The skill is a disclosed local research connector, with some normal privacy considerations around where research queries and LDR credentials are sent.

Install this only if you run or trust the LDR service you configure. Keep LDR_BASE_URL and LDR_LOGIN_URL on localhost or another trusted host, use a dedicated low-privilege LDR account, review the sourced ~/.config/local_deep_research/config/.env file, and avoid using local document search modes unless you intend private local content to be included.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence: 95%
Finding
The trigger list is unusually broad and includes generic phrases like "quick summary on [topic]" and "investigate [topic]", which can cause the skill to activate in situations where the user did not specifically intend to use this high-capability research workflow. Unintended invocation can route sensitive prompts or broad user context into an external/local service and cause unnecessary network activity, credential use, or data exposure to the configured LDR instance.

VirusTotal

66/66 vendors flagged this skill as clean.
