Daily Review Ritual

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward daily review skill, but it may read and update notes in the workspace where it is run.

Install this only for workspaces where you are comfortable having the agent review project notes. When using it, ask to preview proposed note edits, task archives, and status updates before they are saved, especially in important or shared projects.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Low

Confidence: 84% confidence
Finding: The skill instructs the agent to create or update notes, archive completed tasks, and update project status notes without clearly warning the user that it may modify existing vault content. Even though the actions are productivity-oriented, silent or unexpected writes can lead to unintended data changes, mistaken archival of active items, or loss of context if the agent acts without explicit confirmation.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal