Add Task

Security checks across malware telemetry and agentic risk

Overview

This skill is a local task-file helper with a real folder-target inconsistency, but there is no evidence of hidden data access, exfiltration, destructive behavior, or privilege escalation.

Before installing, treat `.specs/tasks/draft` as the intended destination and review the missing `create-folders.sh` reference in the installed package if present. Do not pass secrets in task prompts, since the skill is designed to save the original user input into a markdown file.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Intent-Code Divergence

Medium
Confidence: 96%
Finding
The skill contains conflicting instructions about where the task file should be written: one section says to create files in `.specs/tasks/draft/`, while the concrete write step directs the agent to `.specs/tasks/todo/`. This inconsistency can cause workflow bypass, premature promotion of unreviewed tasks, or unintended writes to a higher-trust state directory, especially if downstream automation treats `todo` files as approved work items.

Missing User Warnings

Low
Confidence: 88%
Finding
The skill explicitly instructs the agent to preserve the exact user input and write it into a markdown file, but it provides no warning or safeguards around persisting untrusted content to disk. This can lead to storage of secrets, prompt-injection payloads, misleading markup, or dangerous content that later tools, humans, or automations may trust or render.

VirusTotal

66/66 vendors flagged this skill as clean.
