Security audit

Bestseller Writer

Security checks across malware telemetry and agentic risk

Overview

This is a coherent book-generation skill, but it can run a long Anthropic-powered workflow and create many local manuscript files.

Install only if you are comfortable providing an Anthropic API key, sending your book idea and generated manuscript context to Anthropic, incurring API costs, and allowing the tool to write multiple files locally. Use non-sensitive material, set an explicit output directory, and review/fact-check the manuscript and KDP package before publishing.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Vague Triggers

Medium
Confidence: 94%
Finding
The invocation phrase "Write me a book about [your idea]" is extremely broad and closely matches normal user conversation, making accidental or implicit triggering likely in an agentic environment. Because this skill launches a large multi-stage autonomous workflow that can generate extensive content and incur API cost, unintended activation could cause unwanted actions, resource consumption, or content generation without clear user intent.

Vague Triggers

Medium
Confidence: 88%
Finding
Trigger phrases such as 'Write me a book about [idea]' and 'Generate a bestseller about [idea]' are broad enough to match ordinary conversational requests, which can cause accidental activation of a costly multi-agent workflow. In an agent environment, this can lead to unintended API spend, excessive task spawning, and file creation without a deliberate opt-in from the user.

Missing User Warnings

Medium
Confidence: 93%
Finding
The skill instructs the agent to automatically create output under '~/Desktop/books/[slug]/' without a prominent user-facing warning or consent step. Autonomous writes to a user-visible filesystem location can clutter the system, overwrite existing content if naming collides, and violate least-surprise expectations in agentic environments.

Missing User Warnings

Medium
Confidence: 94%
Finding
This script transmits user-supplied ideas, outlines, character data, and generated manuscript content to Anthropic's external API, but it does not clearly warn the user at runtime that their content leaves the local environment. In a writing workflow, users may submit confidential drafts, personal memoir material, or proprietary publishing concepts, so silent third-party transmission creates a real privacy and data-governance risk.

VirusTotal

64/64 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.