
Security audit

Mia Executive Permission Policy

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed approval-policy plugin that gates tool calls and only auto-allows outbound actions when the user configures allowed recipient domains.

Install this only if you want a policy layer that may reduce approval prompts for trusted recipient domains. Keep allowedDomains empty or very narrow unless silent internal outbound actions are acceptable, and use alwaysAskRecipients for executives, investors, external partners, or any sensitive distribution lists.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 95%
Finding
This policy explicitly allows some outbound actions to execute silently when recipients are in allowed domains and not on the always-ask list. In an executive-assistant context, silent outbound communication can still cause unintended disclosure, reputational harm, or unauthorized commitments because domain-based trust is a weak proxy for safety and does not guarantee correct recipient, content, or user intent.

VirusTotal

52/52 vendors flagged this plugin as clean.
