Student Timetable

Security checks across malware telemetry and agentic risk

Overview

This is a local student timetable skill with persistent schedule storage and an optional web calendar lookup, but the reviewed artifacts do not show hidden credential access, exfiltration, destructive behavior, or unsafe persistence.

Install only if you are comfortable storing student or child timetable details locally under schedules/profiles. Use the academic calendar import only when it is acceptable to share school and location terms with a search/fetch provider, and review any wake keywords because they persist in the registry for future timetable routing.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands

Findings (5)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 90% confidence
Finding: The skill advertises only timetable/profile management, yet static analysis detected environment and network capabilities with no declared permissions. Undeclared capabilities reduce transparency and can let the skill access secrets or exfiltrate profile data without informed approval, which is especially concerning because the skill handles student and child profile information.

Tp4

High

Category: MCP Tool Poisoning
Confidence: 96% confidence
Finding: The documented purpose is a local student timetable manager, but the code reportedly also performs remote calendar scraping/import, global wake-keyword routing, event editing, and migration logic. This hidden expansion of scope is dangerous because it introduces unreviewed attack surface, cross-skill/message interception behavior, and network/data-processing actions users would not reasonably expect from the description.

Description-Behavior Mismatch

Medium

Confidence: 89% confidence
Finding: The CLI advertises `wake add` and `wake list` commands even though the declared skill purpose is student timetable/profile management. That capability is outside the stated trust boundary and can introduce hidden behavior or persistence mechanisms that users and reviewers would not expect from a scheduling tool, increasing the risk of abuse if wake keywords are consumed elsewhere in the agent framework.

Context-Inappropriate Capability

Medium

Confidence: 92% confidence
Finding: This code implements administrative modification of wake keywords from within a timetable skill, creating an unexpected control surface unrelated to schedule management. In agent ecosystems, wake keywords can affect invocation routing or trigger behavior, so allowing this skill to add/list them can be used to broaden activation paths, create covert persistence, or interfere with other skills.

Missing User Warnings

Low

Confidence: 87% confidence
Finding: The function sends school, city, and country data to external search/fetch services without any visible consent, notice, or minimization. In a student timetable context, these fields can reveal a child's school affiliation and approximate location, creating a privacy leak even if the data is not highly sensitive by itself.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal