Back to skill

Security audit

Sumo Notebook RAG

Security checks across malware telemetry and agentic risk

Overview

This is a local notebook search skill whose disclosed behavior matches its purpose, with privacy caveats around local indexing and Ollama processing.

Install only if you want your agent to search the SumoNoteBook knowledge base. Before using it with sensitive notes, inspect the referenced local query and ingestion scripts, confirm you trust the local Ollama and LanceDB setup, and avoid indexing secrets or regulated data you would not want resurfaced in future agent context.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Low
Confidence
86% confidence
Finding
The skill explicitly depends on Ollama over `http://localhost:11434` and on local vector/database components, but the description does not warn users that their query text will be transmitted to another local HTTP service and processed outside the core agent. Even though this is local rather than remote exfiltration, users may unknowingly send sensitive prompts to auxiliary services with separate logging, retention, or plugin behavior.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.