Back to skill

Security audit

Daily Digest

Security checks across malware telemetry and agentic risk

Overview

This skill locally turns recent memory notes into a Markdown daily digest and does not show hidden networking, credential use, or destructive behavior.

Install only if you are comfortable with local memory notes being summarized into persistent digest files. Review the generated journals before sharing or syncing them, and be deliberate before enabling a recurring cron job because private details from memory notes could be carried forward automatically.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence
86% confidence
Finding
The README states that the skill summarizes both memory notes and broader interactions into a daily digest and supports automated daily execution, but it does not warn users about the privacy and data-handling implications of aggregating potentially sensitive content. This can lead to unintentional collection, persistence, and broader exposure of personal or confidential information in a centralized journal file, especially when automation causes the behavior to recur without ongoing user review.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.