Daily Review Assistant

Security checks across malware telemetry and agentic risk

Overview

This is a coherent daily-review helper with no harmful code, but exports may contain sensitive review or conversation summaries.

Install only if you are comfortable saving and exporting daily review records that may summarize private conversations, plans, work context, or reflections. Review exported files before sharing them and confirm whether the separate Cron review system exists in your environment, since this package alone contains only placeholder executable code.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Missing User Warnings

Medium

Confidence: 91% confidence
Finding: The skill explicitly supports exporting daily review content, which likely includes prior conversations, reflections, and other potentially sensitive personal or operational data, but provides no warning about privacy, retention, or downstream handling. In this context, users may trigger exports without understanding that sensitive content could be persisted to files, shared externally, or exposed through less protected storage locations.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal