Spotlight Search

Security checks across malware telemetry and agentic risk

Overview

This is a coherent macOS Spotlight search helper with expected local file-search access and a disclosed admin reindex command that requires explicit user approval.

Install only if you are comfortable letting the agent search your Mac's Spotlight index and show local file paths or metadata in chat. Prefer folder-scoped searches for sensitive areas, and do not approve sudo mdutil reindexing unless you intentionally want a system-wide Spotlight rebuild.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 85%
Finding:
The trigger phrases are broad enough that the skill could be invoked unintentionally for generic requests like 'find this file on mac' or 'search my computer.' While the skill itself is not overtly dangerous, over-broad auto-invocation can cause unnecessary filesystem searches, surface sensitive file paths or metadata, and increase exposure when used in contexts the user did not explicitly intend.

Sudo/Root Execution

Medium
Category: Privilege Escalation
Content:
1. Check indexing status: `mdutil -s /`
2. Ensure the directory is indexed (Spotlight excludes some system and Library folders)
3. Re-index only with explicit user approval because it is a privileged, system-wide action: `sudo mdutil -E /`

**Query syntax errors?**
Confidence: 78%
Finding: sudo

VirusTotal

60/60 vendors flagged this skill as clean.
