Flow State Monitoring

Security checks across malware telemetry and agentic risk

Overview

This skill is for focus blocking, but it can automatically change Google Calendar or Workspace status based on vague local telemetry.

Review before installing. Only use this if you are comfortable with a skill that may create Google Calendar availability blocks automatically. Confirm which local signals it reads, what triggers a focus block, what Google permissions gog will use, and how to see or delete events it creates.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands

Findings (4)

Description-Behavior Mismatch

Medium

Confidence: 93% confidence
Finding: The skill's declared purpose is to mute interruptions, but its actual documented action is to create Google Calendar events and update status in Google Workspace. This mismatch can mislead users and reviewers about the scope of external side effects, causing unauthorized or unexpected changes to scheduling data and presence state.

Context-Inappropriate Capability

Low

Confidence: 72% confidence
Finding: The skill sends or processes local sensor telemetry through an LLM sub-agent to infer whether the user is in 'Deep Work,' which introduces unnecessary data handling and opaque decision-making for a relatively simple automation task. This increases privacy risk and can cause incorrect autonomous actions based on misclassification of potentially sensitive local activity patterns.

Vague Triggers

Medium

Confidence: 90% confidence
Finding: The trigger condition 'when telemetry from local sensors indicates deep focus' is ambiguous and underspecified, so the skill may activate autonomously under unclear or unintended conditions. In a workflow that modifies external calendar state, vague triggers materially raise the risk of false activations, status corruption, and user disruption.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The skill autonomously modifies the user's Google Calendar/status without an explicit warning or consent step, despite making externally visible changes that can affect coworkers, scheduling, and availability signals. Silent autonomous actions on third-party services are dangerous because users may not realize the tool is publishing presence information or altering calendar data on their behalf.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal