tenk-connect

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says, but its logging command has an input-handling flaw that could let crafted text run unintended local code.

Review before installing. The TenK integration and token storage are disclosed, but you should wait for a fix that passes user input to Python as data, validates minutes, and asks for confirmation before logging sessions. If you use it anyway, install only on a trusted machine, avoid unusual punctuation in skill names or log requests, verify every session before it is recorded, and run logout when finished.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence: 87%
Finding
The usage guidance allows broad natural-language triggers such as "log 45 minutes of guitar" and "when asked about progress, hours, or stats," without tight invocation boundaries or exclusions. In an agent setting, this can cause overbroad matching and unintended execution of shell-backed account actions, including logging data to a remote service when the user did not explicitly intend to invoke the skill.

VirusTotal

60/60 vendors flagged this skill as clean.
