Back to skill

Security audit

Sm Saver

Security checks across malware telemetry and agentic risk

Overview

This skill has a coherent link-saving purpose, but it handles untrusted URLs through local command templates and persistent logging in a way users should review before installing.

Install only if you are comfortable with the skill fetching links and appending summaries to ~/workspace/resources.md. Use it on trusted public URLs, verify the local xurl and summarize tools, and avoid sensitive, private-network, localhost, or unusually crafted URLs unless the skill adds URL validation and safer non-shell argument passing.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
92% confidence
Finding
The skill description is broad enough to trigger on almost any shared URL, not just clearly scoped social-media save actions. That increases the chance of unintended activation on ordinary links, causing unrequested network fetches and persistent writes to the resource log. In this context, the danger is elevated because the skill performs side effects automatically after link detection.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill tells the agent to append entries to ~/workspace/resources.md but does not prominently warn users up front that using the skill causes a persistent local write. Users may believe the action is ephemeral when it actually stores potentially sensitive URLs, post text, and summaries on disk. The risk is higher here because the skill can activate on broadly shared links, compounding surprise data retention.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.