Craft Notes

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a normal Craft notes helper, but users should be careful with its write and delete commands.

Install only if you want an agent to manage Craft notes and tasks. Treat delete-block, delete-task, and other write operations as sensitive: ask the agent to preview targets first and confirm before deleting or changing important notes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium (88% confidence)

Finding: The skill description is broadly scoped around common note-taking requests and lacks explicit limits on when write-capable operations should be used. In an agent environment, vague activation criteria can cause the skill to trigger for loosely related user prompts and perform unintended reads or modifications to Craft content.

Missing User Warnings

Medium (93% confidence)

Finding: The documentation exposes destructive commands such as delete-block and delete-task without any warning, confirmation requirement, or recovery guidance. In a CLI skill that manages user notes and tasks, this increases the chance of accidental data loss if the agent or user invokes these commands based on ambiguous instructions.

VirusTotal

64/64 vendors flagged this skill as clean.
