Data+AI Daily Brief Skill

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed daily-brief generator that searches public sources, creates report files, and sends them to user-configured channels.

Install only if you intend the agent to fetch web content, write report files, and publish briefs. Keep delivery adapters disabled until needed, use least-privilege webhooks/tokens, review reports before sending, and avoid including confidential, regulated, or customer data in generated briefs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Missing User Warnings

Medium
Confidence
76% confidence
Finding
The skill is explicitly designed to collect, summarize, and distribute externally sourced content across multiple third-party channels, yet the README does not prominently warn that generated briefs may contain sensitive internal prompts, proprietary analysis, or regulated data if users customize it improperly. In an agent-skill context, missing privacy/transmission warnings increases the likelihood of unintentional data exfiltration through configured webhooks, email, or hosted pages.

Vague Triggers

Medium
Confidence
84% confidence
Finding
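The skill's trigger phrase "生成今天的行业日报" ("generate today's industry daily report") is too close to natural language and easily overlaps with ordinary conversation, so the agent may automatically start the search, generation, and even the subsequent push workflow in unintended contexts. For a skill with external retrieval and multi-channel delivery capabilities, a false trigger amplifies the risks of outbound data transmission, resource consumption, and erroneous notifications.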

Vague Triggers

Medium
Confidence
88% confidence
Finding
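The documentation only states that "the Skill will trigger automatically and execute according to the workflow," but does not clearly define which inputs trigger it, which similar phrasings do not, or when it enters the push/deployment stage. For an agent skill with external delivery capability, unclear trigger boundaries increase the probability of mistaken execution and unintended outbound transmission.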

Missing User Warnings

Medium
Confidence
90% confidence
Finding
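The documentation emphasizes "one-click sending to 9 major channels," but does not warn users, with equal prominence, that the daily brief may contain sensitive information, erroneous summaries, or unreviewed content, and that the configuration requires multiple webhooks, tokens, and email credentials. The lack of risk warnings about outbound delivery capability and credential use increases the risk of accidentally leaking internal intelligence and of account abuse caused by misconfiguration.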

Vague Triggers

Medium
Confidence
84% confidence
Finding
The `read_when` triggers are broad terms like 'daily brief', 'industry report', and 'newsletter', which can activate the skill for generic requests unrelated to this specific workflow. Because the skill has high-impact tools, overbroad activation increases the chance of unintended web access, file creation, command execution, or outbound delivery in contexts where the user did not clearly request those actions.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The description normalizes automatic web fetching, local file generation, command execution, and multi-channel publishing, but does not clearly warn users that the skill can modify the workspace and send content to external services. In this context, the risk is elevated because the skill is positioned as a content-generation assistant, yet it also has infrastructure-style behavior such as GitHub Pages deployment and message delivery to webhook-based channels.

VirusTotal

65/65 vendors flagged this skill as clean.
