Back to skill

Security audit

Focus Deep Work

Security checks across malware telemetry and agentic risk

Overview

This focus helper is purpose-aligned and disclosed, with the main caution that it can change your device environment if you allow it.

Install it if you want a local focus assistant, but grant environment-changing permissions carefully. Configure which apps and sites may be blocked, require confirmation before muting notifications or closing apps, and check where local focus logs are stored and how to delete them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
82% confidence
Finding
The trigger set includes short, generic phrases like "focus mode," "start focus," and "productivity session," which can be invoked unintentionally during normal conversation. Because this skill can silence notifications, block apps, and change device state, accidental activation could disrupt work or cause unexpected environment changes even without malicious intent.

Vague Triggers

Low
Confidence
71% confidence
Finding
The usage examples promote broad phrases such as "End session" and "Stop focus" without clarifying that they should be scoped to this skill. Ambiguous examples can reinforce accidental or cross-context invocation, especially in assistants where short imperative phrases may overlap with other workflows.

Shadow Command Trigger

Medium
Category
Trigger Abuse
Confidence
78% confidence
Finding
The trigger phrase "start focus" overlaps with the common built-in verb "start," creating a shadow-command condition where the skill may intercept or be confused with native assistant behavior. In this skill's context, such interception is more concerning because activation can lead to notification silencing, app blocking, or other system-level focus controls.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.