Back to skill

Security audit

blog-writer

Security checks across malware telemetry and agentic risk

Overview

This blog-writing skill is coherent, but it requires draft posts to be sent to a specific Notion database without clear approval at publish time.

Install only if you want the agent to write in this named person's style and publish drafts to the specified Notion workspace. Before use, confirm the Notion account and integration permissions, require explicit approval before each publish, and avoid putting confidential material into drafts or saved examples unless that retention is acceptable.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Natural-Language Policy Violations

Low
Confidence
92% confidence
Finding
The skill description hard-codes impersonation of a specific person's distinctive voice without any indication of user consent, authorization, or opt-in. While not directly enabling code execution or data exfiltration, it can facilitate deceptive content generation, misrepresentation, or unauthorized persona mimicry, especially when the output is presented as authentic personal writing.

Missing User Warnings

High
Confidence
98% confidence
Finding
The skill mandates publishing content to an external Notion database and declares the run a failure if that transmission does not occur, but it provides no user-facing notice or consent checkpoint. This creates a real data exfiltration/privacy risk because drafts and user-supplied research may be sent off-platform automatically, including before the content is finalized.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill instructs the agent to persist finalized posts into a local examples library and contemplates removing older files, but it does not warn users that their content will be written to disk and retained for future reuse. Persistent storage of user content without clear notice can expose sensitive information and create unintended long-term data retention.

Ssd 3

Medium
Confidence
97% confidence
Finding
The instruction to always publish user-provided draft content and research-derived material to Notion, even before finalization, increases the risk of leaking sensitive or inaccurate material outside the immediate session. Because the action is mandatory and premature, the skill context makes this more dangerous than ordinary publishing automation.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.