Back to skill

Security audit

Trend

Security checks across malware telemetry and agentic risk

Overview

This is a local content logger packaged as a trend tracker, so users may install it for analytics while it is designed to store and export their entered text.

Install only if you want a simple local content logging utility, not a real trend, sentiment, popularity, or alerting tool. Do not enter secrets, confidential drafts, regulated data, or anything you would not want stored in plaintext under ~/.local/share/trend and included in export files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (8)

Description-Behavior Mismatch

High
Confidence
98% confidence
Finding
The documentation presents two conflicting identities: a trend-tracking tool in the manifest and a content creation/logging system in the body. Security decisions often rely on declared purpose, so this inconsistency increases the chance that users will disclose sensitive material without understanding it will be retained and managed as local logs.

Intent-Code Divergence

High
Confidence
97% confidence
Finding
A contradiction between the top-level manifest description and the substantive documentation is a trust and transparency failure. In practice, it can conceal materially different data-handling behavior, especially because this skill stores and later exposes user-provided content through history, search, and export commands.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill description does not prominently warn users that all content inputs are automatically written to local plaintext logs and may later be exported. That omission increases the risk of accidental capture of confidential drafts, credentials, internal plans, or personal data entered under the assumption of transient processing.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The script persistently stores raw user-provided content in plaintext log files under the user's home directory without any clear disclosure, retention policy, or privacy warning. In a content-drafting workflow, users may paste sensitive prompts, unpublished material, credentials, or personal data, which then remain recoverable through local files and export commands.

Ssd 3

Medium
Confidence
92% confidence
Finding
The skill explicitly encourages persistent logging and export of arbitrary user content, which creates a confidentiality risk if users enter sensitive information. Because the logs are plain text and intended for later retrieval, compromise of the local environment or casual sharing of export files could expose prior inputs broadly.

Ssd 3

High
Confidence
96% confidence
Finding
The storage model centralizes every command input into per-command logs and a unified history, while also making that data searchable and exportable. This materially increases blast radius: a single local compromise, unintended export, or misuse of search/review commands can reveal a comprehensive record of user activity and content.

Ssd 3

Medium
Confidence
90% confidence
Finding
Export and review capabilities are not inherently malicious, but when combined with blanket retention of user inputs they become easy disclosure mechanisms for previously captured data. In this skill's context, users may treat content prompts as working drafts and not expect those drafts to be retrievable and dumpable in bulk.

Ssd 3

Medium
Confidence
92% confidence
Finding
The tool is designed to record essentially all user inputs across multiple commands and provides bulk recall/export features, creating an easy path for sensitive local data aggregation and exposure. In this skill context, users are likely to enter drafts, edits, translations, and other potentially confidential business content, so the mismatch between expected 'trend tracking' and actual persistent archival makes the privacy risk more pronounced.

VirusTotal

61/61 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.