The Food Lab

Security checks across malware telemetry and agentic risk

Overview

This appears to be a cooking guidance skill with somewhat broad activation language, but no evidence of hidden access, code execution, persistence, or sensitive data handling.

Safe to install if you want cooking guidance, but expect it may appear in a wider range of cooking-related conversations than a narrowly scoped skill would. Disable or avoid it if you only want explicit Food Lab or Kenji-related invocations.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 95% confidence
Finding: The trigger list is extremely broad and includes generic phrases like "how to cook," "kitchen tips," and activation when a user says they just installed the skill or does not know how to start. This can cause the skill to activate in many unrelated conversations, unexpectedly injecting its instructions and branded output into contexts where the user did not request cooking guidance.

Vague Triggers

Medium

Confidence: 89% confidence
Finding: The onboarding text says the skill will "show up whenever I sense this book could help," which defines activation in a subjective and ambiguous way rather than by clear user intent. This increases the chance of unsolicited invocation, potentially overriding normal assistant behavior and causing confusing or unwanted responses in borderline contexts.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal