Security audit

golgent-lifestyle-discovery

Security checks across malware telemetry and agentic risk

Overview

This is a recommendation skill that mostly matches its purpose, but it under-discloses advertising-style tracking and broad external searches.

Review before installing if you do not want ad-style recommendation links or automatic impression tracking. Use it only for explicit shopping, dining, local-service, or booking discovery tasks; avoid optional profile sharing unless needed, provide precise location only for delivery/local searches, and configure your agent not to fetch impression URLs unless users are clearly informed and agree.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (6)

Vague Triggers

Medium

Confidence: 92% confidence
Finding: The trigger description is unusually broad and overlaps with many common recommendation, shopping, dining, and local-discovery queries. In an agent environment, this can cause over-invocation of the skill, routing unrelated or only partially relevant user requests into an external-search workflow, increasing unnecessary data disclosure risk and degrading least-privilege behavior.

Natural-Language Policy Violations

Medium

Confidence: 84% confidence
Finding: The skill metadata states use for requests in Chinese or English, but does not clearly instruct the agent to preserve the user's preferred language or offer a language choice. This can create confusing or mismatched interactions and may lead the agent to transform user input or outputs in ways the user did not expect, especially when combined with the requirement to generate Chinese search keywords.

Missing User Warnings

Medium

Confidence: 90% confidence
Finding: The documentation explicitly instructs integrators to fire impression tracking URLs whenever products are displayed, but this file does not pair that guidance with a user-facing disclosure, consent requirement, or data-minimization constraints. In a lifestyle discovery skill that may use user preferences, location, and device context, this can enable silent behavioral tracking and sharing of engagement metadata with third parties without the user understanding it.

Vague Triggers

Medium

Confidence: 89% confidence
Finding: The positioning states the skill handles broad 'everyday user intent' across multiple lifestyle domains, which can cause over-triggering on generic requests that may not need this skill. In agent systems, overly broad activation increases the chance of unnecessary data collection, irrelevant API calls, and unintended routing of user queries into commerce or location-dependent flows.

Vague Triggers

Medium

Confidence: 91% confidence
Finding: The '(omit) → queries all sources' behavior is ambiguous and can fan out a user request across all connected sources without clear necessity or user expectation. This creates a risk of overbroad data access, unnecessary third-party calls, and surprising results, especially when the user's intent is underspecified.

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The 'Everyday Choices' section is too vague and includes broad requests that span products, hotels, activities, and services, making it hard to distinguish valid skill use from ordinary conversation. In practice this can cause the agent to invoke the skill on weak signals and expand the scope of processing beyond what is necessary for the user's request.

VirusTotal

50/50 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.