Discord Task Tracker

Security checks across malware telemetry and agentic risk

Overview

This is a simple local task tracker whose file storage and task deletion behavior are disclosed and proportionate to its purpose.

Install only if local storage of task text in the skill directory is acceptable. If connecting it to Discord, prefer explicit prefixes or slash commands in busy channels to avoid accidental task creation or deletion.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 86%
Finding: The skill description explicitly states that it stores tasks in `tasks.json`, which implies file read/write behavior, yet no corresponding permissions are declared. This creates a transparency and trust problem: users or hosting systems may grant the skill broader practical capability than its manifest communicates, making review, sandboxing, and policy enforcement weaker.

Vague Triggers

Medium
Confidence: 81%
Finding: The trigger phrase `todo` is very broad and can easily appear in normal conversation, causing the skill to activate unintentionally. In a Discord context, accidental activation could lead to unwanted task creation, deletion, or completion from ordinary chat messages, especially in shared channels where conversational overlap is common.

Vague Triggers

Medium
Confidence: 90%
Finding: The trigger phrase `todo <description>` is broad and overlaps with common conversational language, which can cause accidental invocation when users casually mention a todo item in Discord. In a chat-driven skill, weak invocation boundaries increase the risk of unintended task creation from ordinary messages, especially in busy channels or multi-user contexts.

Vague Triggers

Medium
Confidence: 87%
Finding: The phrase `my tasks` is highly ambiguous and may appear in normal conversation, making it unreliable as a command trigger. In Discord, this can cause unintended disclosure of a user's task list or unexpected bot responses when users are simply discussing their work.

Missing User Warnings

Medium
Confidence: 82%
Finding: The delete command is destructive but the reference provides no warning, confirmation step, or recovery guidance. If invoked accidentally or through ambiguous parsing, users may permanently remove tasks without realizing the action cannot be easily undone, especially since task IDs can shift after deletions and completions.

VirusTotal

66/66 vendors flagged this skill as clean.
