Back to skill

Security audit

Note Organizer / 笔记整理

Security checks across malware telemetry and agentic risk

Overview

This note-organizer skill has no executable code and its note-editing behavior is purpose-aligned, though it includes unrelated promotional links and should document file-writing risks more clearly.

Before installing, treat this as a documentation-only note workflow and avoid following the unrelated promotional links unless you trust them. Use it first on copied notes or a test output directory, and confirm whether any future implementation preserves originals before running merge or export operations on important note collections.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium
Confidence
97% confidence
Finding
The skill documentation contains affiliate links and promotional material unrelated to note organization, which expands the trust boundary and can steer users to third-party services outside the skill’s stated purpose. In an agent ecosystem, unrelated marketing content is risky because it can be used to socially engineer users, normalize external navigation, or hide future malicious redirections behind apparently legitimate documentation.

Missing User Warnings

Medium
Confidence
86% confidence
Finding
The documentation advertises reorganizing, merging, and exporting notes without clearly warning that these operations may modify note collections, overwrite organization state, or create new output files. This is dangerous because users or downstream agents may treat the skill as read-only and trigger destructive or hard-to-reverse changes to personal data unintentionally.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The example command writes reorganized output to an output directory but does not clearly warn that running it will create or alter files on disk. In an automated or agent-assisted setting, omission of this warning increases the chance of unintended filesystem changes, data duplication, or user confusion about where generated artifacts are stored.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.