Security audit

时间胶囊

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Timehe time-capsule connector, but users should treat its access token and stored personal messages as sensitive.

Install only if you trust timehe.com with the personal messages and recipient details you plan to store. Provide only a Timehe-specific token through a secure environment variable, do not paste tokens into chat or screenshots, and confirm recipient, unlock date, and message content before allowing create or submit actions.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 93% confidence
Finding: The trigger description is overly broad because it activates on generic actions like 'create/view/write' without clearly constraining them to the timehe service or time-capsule context. This can cause the skill to invoke in unrelated conversations, increasing the chance of unintended data handling, user confusion, or unauthorized external actions being proposed when the user did not intend to use this service.

Missing User Warnings

Medium

Confidence: 91% confidence
Finding: The skill instructs users to obtain an access token from the browser, but does not warn that this token is equivalent to an authenticated session credential and must be treated as sensitive. Users may expose the token to the assistant, logs, screenshots, or third parties, enabling account takeover for capsule access, modification, and other authenticated actions.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal