Back to skill

Security audit

Tmp Proactivity Review

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed local-memory proactivity helper, with no evidence of hidden execution, network use, credential access, or destructive behavior.

Install only if you want the agent to keep local proactive notes under ~/proactivity/. Review or clear those files periodically, avoid storing secrets or sensitive personal details there, and approve any proposed workspace-file changes only after reading the shown snippet or diff.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
89% confidence
Finding
The activation preferences are defined only as broad behavioral prompts and do not impose concrete trigger constraints, approval gates, or explicit opt-in conditions. In a proactive agent skill, that vagueness can lead to over-activation, unexpected interventions, and autonomous behavior beyond the user's intended boundaries, especially when paired with persistent memory and background heartbeat behavior.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill directs creation of persistent local state under ~/proactivity and ongoing writes to multiple files containing preferences, task state, recovery hints, logs, and heartbeat data, but it does not require a clear user-facing disclosure or consent flow about persistence and privacy implications. This can lead to silent retention of potentially sensitive work context across sessions, increasing the risk of privacy leakage, over-collection, and unintended reuse of stale or confidential data.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.