Feed Digest

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward feed digest helper with disclosed feed fetching and read-status changes, but users should understand the external CLI and mark-read behavior.

Install only if you trust the external feed CLI source. If you want summaries without changing your unread list, tell the agent not to run the mark-read command or to ask before marking entries as read.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 91% confidence
Finding: The trigger description is broad enough to match many ordinary requests about news, blogs, or 'what's new,' which can cause the skill to activate in situations where the user did not specifically ask to use feed tooling. Because this skill can fetch external content and later modify read state, over-broad routing increases the chance of unnecessary tool use and unintended side effects.

Missing User Warnings

Low

Confidence: 95% confidence
Finding: The workflow instructs the agent to mark entries as read after triage, but it does not warn that this changes persistent user state. A user asking only for a summary may not expect their feed database to be modified, creating a consent and integrity issue even if the change is low impact.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal