Task List

Security checks across malware telemetry and agentic risk

Overview

This is a local Markdown-based task-list helper whose storage and activation behavior are disclosed and aligned with its purpose.

Install this if you want a conversational task list. Choose explicit/manual activation if you do not want it to appear whenever tasks or follow-ups come up, and enable local continuity only if you are comfortable storing task details in ~/task-list/. Avoid putting secrets in tasks.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 85% confidence
Finding: The setup directs the skill to learn and potentially persist activation preferences for broad, common language like 'tasks, todos, follow-ups, or commitments.' That can cause the skill to activate outside clear user intent, leading to unsolicited behavioral intervention and collection/persistence of task-related context that the user may not expect.

Natural-Language Policy Violations

Medium

Confidence: 91% confidence
Finding: The instruction to 'read this silently' and 'do not mention file names, folders, setup, or configuration' reduces transparency about why the assistant is behaving differently and whether local state may be created. In a skill that can ask to create on-disk continuity and save preferences, concealment makes it harder for users to give informed consent and detect unexpected persistence or automation.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal