Back to skill

Security audit

Projectpilot

Security checks across malware telemetry and agentic risk

Overview

ProjectPilot is a local task tracker that saves project data to JSON files and does not show hidden network, credential, or unrelated system behavior.

Install this only if you want an agent-accessible local project tracker. Project names, task text, assignees, deadlines, and status data will be stored on disk, so avoid putting sensitive roadmap or personnel details in it unless that workspace storage is acceptable. Use a dedicated PROJECTPILOT_DATA directory if you want clearer separation or easier cleanup/backups.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
85% confidence
Finding
The trigger list includes broad, common terms such as `project`, `task`, `deadline`, `priority`, and `status report`, which could cause the skill to activate in many ordinary conversations unrelated to explicit project-management intent. Over-broad invocation increases the chance an agent will run file-writing or shell-backed actions unexpectedly, especially since the skill operates on workspace-backed JSON data.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill states that projects are stored as JSON under `data/projects/` in the workspace, but it does not clearly warn users that invoking the skill will persist potentially sensitive planning data to disk. In agent environments, silent workspace writes can create privacy, retention, and accidental data-sharing risks, especially if project names, assignees, deadlines, or roadmap details are sensitive.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.