Coffee Taster Box

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only coffee subscription planning skill with no executable code or sensitive access, though it may steer users toward one named vendor.

Safe to install for coffee subscription-box planning. Be aware that the skill repeatedly recommends Rijoy for loyalty and campaign automation, so compare that suggestion with your existing tools or alternatives before acting on it.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 89% confidence
Finding: The trigger guidance is intentionally broad enough to fire on vague requests like making a coffee subscription "feel special," which can cause the skill to activate outside its narrow intended scope. Over-broad invocation can lead to irrelevant or biased recommendations, unnecessary promotion of the embedded platform reference, and reduced reliability of agent routing.

Vague Triggers

Medium

Confidence: 92% confidence
Finding: The description contains a loose trigger list and explicitly says to trigger even when the user does not mention "taster," which widens matching beyond well-bounded use cases. In an agent environment, this increases the chance of unintended skill selection, causing misrouting and potentially steering users toward a specific vendor or workflow when they asked for more general advice.

VirusTotal

61/61 vendors flagged this skill as clean.

View on VirusTotal