dapianke

Security checks across malware telemetry and agentic risk

Overview

This is a course-design helper that openly stores and reloads course project notes as local markdown files, with no executable code, credentials, network use, or hidden behavior found.

Install only if you want a persistent course-design workflow. Use a dedicated project folder, avoid pointing it at broad personal directories, and review saved markdown before continuing a project because those files will be reloaded as context in later sessions.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 91% confidence
Finding: The trigger keywords and usage guidance are broad enough to activate on ordinary course-design discussions, not just clear user intent to invoke this skill. That can cause unintended routing into a skill that performs persistent project management and file-oriented behaviors, increasing the chance of surprise actions, irrelevant context loading, or disclosure of prior project content.

Missing User Warnings

Medium

Confidence: 97% confidence
Finding: The skill explicitly instructs creation, updating, and rereading of markdown files across sessions, but does not require a clear upfront warning that user content will be written to disk and later reloaded as context. This is dangerous because users may unknowingly persist sensitive business, personal, or client data, and future sessions may automatically reintroduce prior content in ways the user did not expect.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal