Family Emergency Planning

Security checks across malware telemetry and agentic risk

Overview

This emergency-planning skill is useful and coherent, but it asks users to copy, digitize, cloud-store, and share very sensitive identity, financial, medical, and legal documents without enough privacy safeguards.

Review the document-kit section carefully before installing. Use this skill for planning checklists, but avoid uploading full SSNs, full bank/card numbers, tax returns, or legal records to ordinary cloud folders unless you choose stronger encryption, redaction, limited sharing, and a clear recovery plan.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The skill advises users to collect and digitize highly sensitive documents including IDs, Social Security cards, bank details, prescriptions, and legal records, then store them in cloud services and share access with others. Even though it mentions encryption, strong passwords, and 2FA, it lacks strong privacy minimization guidance, safer storage alternatives, and warnings about the consequences of compromise, creating substantial identity theft and fraud risk if the cloud account or shared access is breached.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal