Back to skill

Security audit

Weekly Report Generator

Security checks across malware telemetry and agentic risk

Overview

This skill generates weekly work reports using disclosed GitHub activity and optional productivity data, with privacy caveats but no evidence of hidden or destructive behavior.

Install only if you are comfortable with a report tool summarizing work activity. Use a fine-grained read-only GitHub token, pass explicit repositories when possible, and review generated reports before sharing because they may contain private project or organizational details.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
94% confidence
Finding
The skill advertises broad natural-language triggers such as 'weekly summary', 'work summary', and 'weekly standup report', which are common user requests that may cause the agent to invoke this skill in situations where the user did not intend broad cross-source data aggregation. In this skill's context, that can expose GitHub, calendar, reminders, and project-file data unnecessarily, making overbroad invocation materially risky rather than merely a UX issue.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The description emphasizes convenience but does not clearly warn that the skill accesses multiple personal and work data sources, including GitHub activity, calendar events, reminders, and project files. Because these sources can contain sensitive corporate and personal information, omission of a prominent disclosure increases the chance of uninformed consent and unintended data exposure during invocation.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The script transmits GitHub identifiers, activity metadata, and a bearer token to GitHub APIs without an explicit runtime consent prompt or strong user-facing disclosure about network access. In an agent-skill context, silent network access can surprise users and leak repository activity details beyond what they expected from a local report-generation tool.

VirusTotal

67/67 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

Detected: suspicious.env_credential_access

Environment variable access combined with network send.

Critical
Code
suspicious.env_credential_access
Location
scripts/generate-report.mjs:73