Social Media Content Calendar

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward social media calendar generator that creates local planning files and does not show hidden code, credential use, or unsafe behavior.

Before installing, note that the skill can create or edit files in your workspace, especially under output/content-calendar/. Use it in a project where those generated calendar files are expected, and review existing files before letting it overwrite them.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Missing User Warnings

Low

Confidence: 90% confidence
Finding: The skill directs the agent to create several files under `output/content-calendar/` without explicitly warning the user that it will modify the filesystem. While the writes appear limited to generated deliverables and are consistent with the skill’s purpose, undisclosed file creation can still surprise users, overwrite existing artifacts, or be abused in broader workflows where file writes trigger downstream automation.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal