Deep Planner

Security checks across malware telemetry and agentic risk

Overview

This is a planning-only skill that clearly discloses local todo-file persistence and does not include executable code, network calls, credential handling, or hidden behavior.

Install this if you want a persistent planning workflow for complex tasks. Avoid putting secrets or highly sensitive details into task descriptions, and periodically review or delete `.todolist/` files because completed plans are intentionally retained.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 89% confidence
Finding: The activation criteria are broad enough to trigger on many ordinary requests, causing the planner to intercept workflows unexpectedly and create persistent task artifacts or alter execution flow without strong user intent. Over-broad auto-invocation increases the chance of unnecessary data retention and accidental delegation to additional tools or skills.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The skill instructs persistent writes to `.todolist/` but does not require clear user notice or consent before storing task details locally. If requests contain sensitive business, personal, or credential-adjacent context, this behavior can create unintended local data exposure and retention beyond the conversation.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal