Lore

Security checks across malware telemetry and agentic risk

Overview

Lore is a coherent knowledge-base skill, but it tells agents to persist conversations and content from Slack, Notion, GitHub, email, and similar sources without clear consent, redaction, retention, or access-control rules.

Install only if you want agents to use Lore as persistent searchable memory. Before using it with meetings, email, Slack, Notion, GitHub, customer data, or regulated content, confirm who can access Lore, what can be stored, how entries are approved or redacted, and how retained content can be deleted.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 94%
Finding
The skill explicitly instructs the agent to ingest conversational content and data fetched from external systems such as Slack, Notion, GitHub, and email, but provides no guardrails for secrets, personal data, or confidential information. This creates a real privacy and data-governance risk because the agent may persist sensitive content into Lore by default, expanding retention and access beyond the original source context.

VirusTotal

66/66 vendors flagged this skill as clean.
