Press Release

Security checks across malware telemetry and agentic risk

Overview

The press-release generator is local and mostly simple, but it includes an under-explained generic command script that stores user input and command history on disk.

Review before installing. The main risk is local retention of potentially confidential launch, funding, event, or crisis details entered through the generic press-release command. Prefer using the visible template generator directly, and avoid entering sensitive business or legal information until the maintainer documents storage behavior, disables or scopes history logging, and implements real deletion.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 88% confidence
Finding: The script persistently logs command usage and arguments to a history file without disclosing that behavior in the help text or obtaining user consent. This can expose sensitive user input, operational details, or search terms on disk, especially on shared systems or when users assume the tool is ephemeral.

Missing User Warnings

Low

Confidence: 84% confidence
Finding: The add command stores arbitrary user-supplied content in a persistent local log file without warning, which can unintentionally retain secrets or personal data. In this skill context, the danger is moderate-to-low because the data stays local, but it still creates a privacy and data-handling risk if users are not informed.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal