News Aggregator Skill

Security checks across malware telemetry and agentic risk

Overview

This is a public-news summarizer with local report saving and missing helper files, but no evidence of hidden credential use, account access, exfiltration, or destructive behavior.

Before installing, confirm you trust any separately supplied fetch_news.py and templates.md because they are not included in the reviewed package. Expect the skill to fetch public web pages, broaden some searches unless you ask for strict filters, and leave Markdown reports in a local reports/ folder that you may want to delete if the topics are sensitive.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Context-Inappropriate Capability

Medium

Confidence: 91% confidence
Finding: The skill explicitly instructs the agent to persist full reports to a local `reports/` directory, which introduces an unnecessary side effect beyond transient news retrieval and summarization. Persisting fetched content can create privacy, retention, and disk-footprint risks, especially if article text or user-request context is written without consent or lifecycle controls.

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The skill requires saving reports to disk but does not warn the user that local files will be created. Undisclosed file creation is dangerous because it can leave persistent artifacts containing fetched article text, summaries, and possibly user-interest signals, violating user expectations and increasing local data exposure.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal