Digest

Security checks across malware telemetry and agentic risk

Overview

Digest is an instruction-only skill for personalized external-news summaries, with expected preference learning and no evidence of hidden or destructive behavior.

Before installing, confirm which sources and delivery channels are allowed, especially for group chats or email. Periodically review preferences.md because it can store inferred interests, schedules, source trust, and format preferences over time.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 91% confidence
Finding: The skill instructs sourcing from external feeds and delivering to chat/group/email channels without any explicit privacy, consent, or data-handling safeguards. This creates a real risk of sharing personalized digests to the wrong audience, leaking user interests or sensitive context, and ingesting untrusted external content without clear controls.

Missing User Warnings

Medium

Confidence: 91% confidence
Finding: The file explicitly instructs the agent to auto-evolve and edit stored user preferences based on observed behavior, but it does not include any user-facing notice, consent gate, or clear transparency mechanism around those persistent modifications. This creates a privacy and autonomy risk because the system may infer, store, and reinforce behavioral profiles without the user realizing their data is being updated or how those updates affect future outputs.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal