Back to skill

Security audit

Contacts

Security checks across malware telemetry and agentic risk

Overview

This skill is a local personal contacts notebook; it is privacy-sensitive, but its behavior is disclosed, scoped, and aligned with that purpose.

Install only if you want an agent to help maintain local notes about people you know. Keep ~/contacts/ private, be careful with cloud sync or Git history, avoid storing highly sensitive details unless necessary, and prefer confirming each new or updated contact note when names come up casually.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
95% confidence
Finding
The trigger condition is so broad that ordinary conversation mentioning any person could activate the skill and cause collection or retrieval of sensitive relationship data without a clear, intentional user request. In a personal contacts skill handling birthdays, family details, health issues, and interaction history, this creates a meaningful privacy risk through over-collection and surprise persistence.

Vague Triggers

Medium
Confidence
96% confidence
Finding
These examples normalize automatic extraction of personal facts from casual user statements, which can lead to silent profiling and storage of third-party personal data. Because the stored data includes sensitive personal context and relationship notes, the lack of an explicit opt-in or save confirmation increases the chance of unintended retention and privacy harm.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
Automatically creating a local workspace for sensitive contacts data without an immediate warning or consent step can surprise users and result in persistent storage of third-party personal information on disk. The danger is elevated here because the skill explicitly encourages storing birthdays, family members, health issues, preferences, and other highly sensitive relationship notes.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.