Intelligent Scheduler

Security checks across malware telemetry and agentic risk

Overview

This is a scheduling instruction skill with disclosed task, calendar, conflict-checking, and rescheduling behavior, and no hidden code or installer was found.

Install only if you want an agent to help manage scheduling data. Use explicit prompts for actions that change tasks or calendar entries, and ask for a preview before running auto-reschedule or priority changes.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 89% confidence
Finding: The trigger list is overly broad for a scheduling skill and includes common natural-language phrases such as 'schedule task', 'reschedule', and 'check conflicts' that could appear in ordinary conversation. This increases the chance of unintended invocation, which is risky because the skill is designed to modify planning behavior and potentially calendar state.

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The skill advertises automatic conflict resolution, smart rescheduling, and workload optimization without clearly warning that tasks may be moved, reprioritized, or otherwise changed. In a scheduling context, silent automatic changes can cause missed deadlines, confusion, or unauthorized alterations to commitments, especially if the skill is triggered unintentionally or used on shared calendars.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal