Google Colab

Security checks across malware telemetry and agentic risk

Overview

This Google Colab skill is instruction-only and purpose-aligned, with disclosed local notes and user-approved Google/data access as the main considerations.

Before installing, decide whether you want the local ~/google-colab notes and set activation to explicit-only if broad triggers feel intrusive. Grant Drive, GCS, URL, or local dataset access only for the notebook you intend to work on, avoid storing secrets in chat or the memory files, and keep cost guardrails for GPU runs.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 90% confidence
Finding: The auto-activation examples are broad enough to trigger on common terms like 'notebooks', 'runtime errors', or 'model training', which can cause the skill to engage in conversations where the user did not intend to use this Colab-specific workflow. That increases the chance of unwanted context capture, irrelevant guidance, and interference with other skills or baseline behavior.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal