Back to skill

Security audit

Todo SQLite

Security checks across malware telemetry and agentic risk

Overview

This is a local SQLite todo manager with disclosed delete behavior, limited to its own todo database.

Install only if you are comfortable storing todo titles and notes in a persistent local database. Do not store secrets in todos, and double-check project names and todo IDs before using delete commands because there is no built-in confirmation or undo.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The skill documents project deletion as removing the entire project and all contained todos, but it does not include any warning, confirmation step, or recovery guidance. In an agent-driven context, this increases the chance of accidental destructive actions and irreversible data loss if a user request is ambiguous or misinterpreted.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The todo delete command notes that child todos are also deleted, but the documentation does not prominently warn about cascading deletion or recommend confirmation before execution. This is dangerous because a single mistaken delete can remove an entire subtree of tasks, causing broader data loss than the user may expect.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.