Remind Myself

Security checks across malware telemetry and agentic risk

Overview

This reminder skill has a coherent purpose, but its documented command can let specially crafted reminder text be interpreted by the local shell.

Review before installing. Only use it for non-sensitive reminders, verify the Telegram chat ID and interpreted timezone, and avoid reminder text containing shell metacharacters such as quotes, backticks, dollar signs, semicolons, or command substitutions until the invocation is hardened.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium, 93% confidence
Finding
The README explicitly states that the skill schedules persistent cron jobs and delivers reminder contents to Telegram, but it does not warn users that reminder text may be stored locally and transmitted to an external messaging service. In this context, users may include sensitive personal or operational information in reminders, creating privacy and data-handling risk if they are unaware of persistence and third-party delivery.

Natural-Language Policy Violations

Medium, 91% confidence
Finding
The skill hardcodes Europe/Paris for absolute-time conversion without requiring user opt-in or checking user locale, which can cause reminders to be scheduled at the wrong real-world time. In a scheduling workflow, silent timezone coercion can lead to missed deadlines, privacy issues, or unintended notifications at sensitive times.

VirusTotal

64/64 vendors flagged this skill as clean.