ai-news-digest

Security checks across malware telemetry and agentic risk

Overview

This is a simple AI news digest template with disclosed optional email and scheduling examples, and I found no hidden sending, credential theft, persistence, or destructive behavior.

Install only as a template-style digest helper. Before using email or automation, review generated content, limit recipients, use revocable app-specific SMTP credentials or a secret manager, and add the cron entry only if you intentionally want recurring runs.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 78% confidence
Finding: The skill advertises emailing generated digests but does not warn users that content and recipient addresses will be transmitted to external mail infrastructure. This can lead to unintended disclosure of summarized content, metadata, or personally identifiable information if users assume the tool is purely local.

Missing User Warnings

Medium

Confidence: 89% confidence
Finding: The documentation instructs users to set SMTP credentials in environment variables but does not warn that these are sensitive secrets that may be exposed through shell history, process inspection, logs, or misconfigured environments. In combination with outbound email capability, compromised credentials could enable unauthorized mail sending or account abuse.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal