Back to skill

Security audit

blog-writer

Security checks across malware telemetry and agentic risk

Overview

This blog-writing skill is mostly transparent, but it requires sending drafts to a fixed Notion database without a clear per-draft confirmation step.

Install only if you intentionally want drafts and finalized posts sent to the listed Notion database. Do not use it with private notes, proprietary research, or client material unless you control that Notion workspace and are comfortable with automatic draft publication. Ask the publisher for a local-only mode, configurable database ID, and explicit confirmation before each Notion write.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

High
Confidence
98% confidence
Finding
The skill requires automatic publication of draft content to a specific Notion database and explicitly treats failure to upload as workflow failure, even before the draft is finalized. This creates a real data-exfiltration and privacy risk because user-provided notes, research, or sensitive draft material may be transmitted to an external service without informed consent or a confirmation step.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The script permanently deletes files with filepath.unlink() when run with the prune command and --execute flag, but it does not require an interactive confirmation or secondary safety check. In a skill context, destructive file operations are more concerning because an agent or user may trigger them accidentally, causing loss of curated example data that supports the writing workflow.

VirusTotal

No VirusTotal findings

View on VirusTotal

Static analysis

No suspicious patterns detected.