AI员工协作技能包 (AI Employee Collaboration Skill Pack)

Security checks across malware telemetry and agentic risk

Overview

The skill's README discloses that it keeps local persistent memory of work records, which fits its apparent purpose, but users should treat that stored memory as potentially sensitive.

Before installing, assume anything saved in the skill's memory/ directory persists across sessions and is visible to later agent runs. Because the records are reloaded on startup, they also become input to every later run, so review them as you would any other input to the agent. Avoid storing secrets or sensitive personal or business data there unless you know where the directory lives, how to restrict access to it, and how to delete old records.
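The three housekeeping steps above, as an added example that is not code from the skill, from SkillSpector, or from this page: it tightens permissions on a memory/ directory, flags records that contain credential-looking strings, and prunes records older than a retention window. The record layout (plain-text or JSON files directly under memory/), the secret patterns, and the sample records are all assumptions made for the example.

```python
"""Audit an agent skill's memory/ directory.

Added example, not the skill's own code. Assumes memory/ holds plain-text
or JSON record files (that layout is an assumption, as is the pattern set).
"""
import os
import re
import stat
import tempfile
import time
from pathlib import Path
from typing import Dict, List, Optional

POSIX = os.name == "posix"  # chmod semantics below only hold on POSIX

# Illustrative patterns for content that should not persist in agent memory.
# Hypothetical set; extend for your environment.
SECRET_PATTERNS = {
    "aws_access_key": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "private_key": re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"),
    "bearer_token": re.compile(r"\bBearer\s+[A-Za-z0-9._-]{20,}", re.I),
    "password_assignment": re.compile(r"(?i)\b(password|passwd|pwd)\s*[=:]\s*\S+"),
    "jwt": re.compile(r"\beyJ[A-Za-z0-9_-]+\.eyJ[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+"),
}


def restrict_permissions(memory_dir: Path) -> int:
    """Set the directory to 0700 and each record to 0600; return files changed."""
    changed = 0
    os.chmod(memory_dir, stat.S_IRWXU)
    for path in memory_dir.rglob("*"):
        if path.is_dir():
            os.chmod(path, stat.S_IRWXU)
        elif path.is_file() and stat.S_IMODE(path.stat().st_mode) != 0o600:
            os.chmod(path, 0o600)
            changed += 1
    return changed


def file_modes(memory_dir: Path) -> Dict[str, int]:
    """Map each record (relative path) to its permission bits, for verification."""
    return {
        str(p.relative_to(memory_dir)): stat.S_IMODE(p.stat().st_mode)
        for p in sorted(memory_dir.rglob("*")) if p.is_file()
    }


def find_secret_like_records(memory_dir: Path) -> Dict[str, List[str]]:
    """Map each record that matches a secret pattern to the pattern names hit."""
    findings: Dict[str, List[str]] = {}
    for path in sorted(memory_dir.rglob("*")):
        if not path.is_file():
            continue
        text = path.read_text(encoding="utf-8", errors="replace")
        hits = [name for name, rx in SECRET_PATTERNS.items() if rx.search(text)]
        if hits:
            findings[str(path.relative_to(memory_dir))] = hits
    return findings


def prune_old_records(memory_dir: Path, max_age_days: int,
                      now: Optional[float] = None) -> List[str]:
    """Delete records whose mtime is older than max_age_days; return their names."""
    now = time.time() if now is None else now
    cutoff = now - max_age_days * 86400
    deleted = []
    for path in sorted(memory_dir.rglob("*")):
        if path.is_file() and path.stat().st_mtime < cutoff:
            path.unlink()
            deleted.append(str(path.relative_to(memory_dir)))
    return deleted


def audit(memory_dir: Path, max_age_days: int = 90) -> dict:
    """Run all three checks and return a summary."""
    return {
        "permissions_fixed": restrict_permissions(memory_dir),
        "secret_like": find_secret_like_records(memory_dir),
        "pruned": prune_old_records(memory_dir, max_age_days),
    }


def build_sample_memory_dir() -> Path:
    """Constructed sample records (not real data) so the audit runs offline."""
    root = Path(tempfile.mkdtemp(prefix="skill-memory-"))
    (root / "2024-01-02-standup.md").write_text("Discussed Q1 roadmap with the team.\n")
    (root / "2024-01-03-deploy.md").write_text(
        "Deployed with AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE and password=hunter2\n"
    )
    (root / "2024-01-04-notes.json").write_text('{"note": "Follow up with vendor"}\n')
    old = time.time() - 120 * 86400  # make one record 120 days old
    os.utime(root / "2024-01-02-standup.md", (old, old))
    return root


if __name__ == "__main__":
    print(audit(build_sample_memory_dir()))
```

Run it against the real directory by passing its path to `audit()`; the sample builder exists only to show what the three checks report on a directory containing one stale record and one record with credential-looking content. Treat a `secret_like` hit as a signal to rotate the credential, not just to delete the file, since the record may already have been read by earlier runs.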

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 91%
Finding
The README states that work records are automatically persisted in the `memory/` directory and reloaded on startup, but it does not warn users about retention, the sensitivity of stored content, access controls, or deletion practices. In an AI collaboration system, these records may contain prompts, business data, credentials, internal documents, or personal information, so undocumented persistence increases the risk of unintentional data exposure and privacy noncompliance.

VirusTotal

66/66 vendors flagged this skill as clean.
