Daily Health Report

Security checks across malware telemetry and agentic risk

Overview

This appears to be a simple Raspberry Pi health-report runner, with the main caveat that it relies on a separate local script that is not included.

Before installing, inspect the local health_report.sh file because it contains the real metric collection logic. Only enable scheduled runs or channel posting if you are comfortable sharing uptime, disk, memory, load, and temperature details in that destination.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 93% confidence
Finding: The markdown describes invocation as 'Run the health_report script and publish its output to the chosen channel,' but it does not define when the skill should be invoked, what phrases or conditions activate it, or any exclusions. This broad, underspecified activation guidance could lead to unintended use because the trigger scope is not clearly constrained.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal