AirTag

Security checks across malware telemetry and agentic risk

Overview

This AirTag skill handles sensitive location and account workflows, but its artifacts disclose the risks, require confirmation, and show no hidden code or unsafe automation.

Install only if you want an agent to help with AirTag or Find My workflows. Prefer Direct App Control or Shared Link Mode when possible, require confirmation before any location access or local logging, and use Programmatic API Mode only if you already trust and manage the unofficial connector outside this skill.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 92% confidence
Finding: The skill defines activation triggers using very broad, common phrases such as "AirTag," "Find My," and especially "lost items," which can cause the skill to engage in conversations where the user did not intend account-linked device access or tracking workflows. In a skill that can expose AirTag/account context and potentially support proactive intervention, overbroad activation increases the risk of privacy-invasive actions, unintended data access, and confused-deputy behavior.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal