Back to skill

Security audit

Daily Mindful

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent daily mindfulness helper with optional user-directed reminder scheduling and no evidence of credential theft, hidden network calls, or destructive behavior.

Before installing, be aware that the skill can save a local HTML file and, if you run the push-toggle script, create recurring morning and evening reminder jobs to a selected channel. Only enable pushes for your own userId/channel, and use the provided off command if you no longer want scheduled reminders.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium
Confidence
91% confidence
Finding
The manifest describes a short HTML mindfulness experience, yet the file also includes instructions for daily push-notification management across third-party platforms. This discrepancy creates a security-relevant hidden capability: reviewers may approve a content-rendering skill without realizing it can drive recurring external communications.

Context-Inappropriate Capability

Medium
Confidence
89% confidence
Finding
Scheduled multi-channel push control is not necessary for generating a brief mindfulness page, so its inclusion increases the attack surface beyond the stated use case. Unnecessary scheduling and external-channel integration can be abused for spam, unauthorized contact, or persistence mechanisms if not tightly constrained.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
The skill instructs writing an HTML file to user storage without clearly disclosing this behavior to the user at execution time. Undisclosed file creation can surprise users, create unwanted persistent artifacts, and become more concerning when combined with interactive HTML or later automation that references stored outputs.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.