Back to skill

Security audit

Device Assistant

Security checks across malware telemetry and agentic risk

Overview

This is a coherent device-management skill, with the main caution that it saves household device details locally and may produce external search links containing model or error information.

Install this if you are comfortable keeping device inventory details in workspace memory. Avoid saving unnecessary serial numbers or purchase records, and review any generated search, manual, or support links before opening them because they may reveal model numbers, error codes, or household device details to third-party sites.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (6)

Lp3

Medium
Category
MCP Least Privilege
Confidence
94% confidence
Finding
The skill declares shell-capable handler commands and external tool requirements (`jq`, `curl`) but does not declare corresponding permissions or clearly scope those capabilities. This creates a trust and review gap: users or platforms may not realize the skill can execute shell commands and make network requests, increasing the risk of unintended command execution or data access in downstream implementation.

Vague Triggers

Medium
Confidence
91% confidence
Finding
The trigger set includes broad natural-language phrases such as device problems, appliance issues, and generic error mentions, which can cause the skill to activate when the user did not intend to invoke it. In this skill’s context, unintended activation is more concerning because the skill stores device metadata and may perform web lookups, so accidental invocation can lead to unnecessary data collection or disclosure.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The feature list describes tracking devices, model numbers, serial numbers, purchase information, warranty data, and maintenance history, but it does not warn users that this information will be persisted in workspace files. Because this data can include uniquely identifying device details and purchase records, silent storage creates a privacy and consent issue.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill states it will perform web searches and retrieve manuals based on device model and error code, but it does not warn users that these queries may send device-identifying information to external services. In this context, model numbers, vendor names, stored manual URLs, and error conditions can reveal household inventory and operational details to third parties.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The handler persistently stores device inventory, serial numbers, warranty details, locations, notes, and maintenance/error history under the workspace without any disclosure, consent, minimization, or retention controls. In an agent environment, workspace files are often accessible to other skills, users, backups, or operators, so silent persistence of household/device metadata creates a real privacy and data exposure risk.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The update and remove commands make immediate persistent changes to the device database with no confirmation, dry-run, or undo capability. In an agent setting, accidental invocation, ambiguous device matching, or prompt-manipulated tool use could silently alter or delete user data, causing integrity loss and operational confusion.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.