Wedding Planner

Security checks across malware telemetry and agentic risk

Overview

This is a local wedding-planning notebook skill that asks before keeping memory and does not request credentials, network access, or autonomous financial actions.

Install only if you want local wedding-planning notes. Before enabling memory, set clear rules for when it should activate or stay quiet, and avoid storing card numbers, full contracts, IDs, or sensitive family details unless truly necessary.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The activation scope is broad enough to trigger on many ordinary wedding-related conversations, which can cause the skill to engage or persist memory without sufficiently clear user boundaries. In a planning assistant that maintains durable context, overbroad activation increases the risk of collecting or surfacing personal event details when the user did not intend to invoke persistent planning behavior.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal