100Critical
The skill is vulnerable to remote code execution
Behavior Analysis
Description verified — behavior matches claim
Claims to do
OKR Tracker: Define, track, and report on OKRs (Objectives and Key Results). Maintains a living document of organizational objectives with measurable key results, tracks progress against evidence from Asana and daily logs, and generates stakeholder-ready summaries.
Actually does
The skill reads and writes Markdown files in `~/.second-brain/vault/product/okrs/` to manage OKRs. It uses MCP tools (`list_tasks`, `list_prs`, `search_memory`) to gather progress evidence from Asana, GitHub, and daily logs, and `log_note` to record actions. It can also generate a Markdown report and potentially interact with Gmail to draft emails.
Skill Info
Nameviditparashar96/second-brain-claude/product-okr-tracker
Registrygithub
Version72b567c43035
PURLpkg:github/viditparashar96/second-brain-claude@72b567c43035?skill=product-okr-tracker
Source
SHA-25637ac7f86fb5b...
SHA-1f6b06f3d88aa...
MD5984776faafdb...
TLSHd2c1a2a2c14c...
ssdeep96:FZKEnSl25...
Size6,143 bytes
Install
This skill has been flagged as potentially malicious. Review the findings below before installing.
Skills.shDocs
npx skills add https://github.com/viditparashar96/second-brain-claudeAssessments (2)
AI Agent Traps ↗Command Injection via unsanitized period slugcriticalcommand execution
The skill executes a `bash cat` command using a `<period-slug>` derived from user input. Without proper sanitization, an attacker can inject arbitrary shell commands, leading to remote code execution.
90% confidenceline 35
cat ~/.second-brain/vault/product/okrs/<period-slug>.md
Reliance on external MCP tools with unknown securityinfotool poisoning
The skill calls several 'MCP tools' (e.g., `list_tasks`, `list_prs`, `search_memory`, `log_note`). The security implications depend on the implementation of these external tools, which are not defined within this skill content.
70% confidenceline 38
Use the `list_tasks` MCP tool...; Use the `search_memory` MCP tool...; call the `log_note` MCP tool...
Potential Path Traversal and RAG Poisoning in file writeshighrag poisoning
The skill writes user-provided content (OKR details, reports) to markdown files, and uses user-controlled input (e.g., `<period>`) in filenames. This could allow path traversal to write files outside the intended directory or content injection to poison the agent's RAG/knowledge base.
80% confidenceline 29
Store in vault file...; Save to: ~/.second-brain/vault/product/okrs/YYYY-MM-DD-<period>-report.md
Badge
Markdown
[](https://mondoo.com/ai-agent-security/skills/github/viditparashar96/second-brain-claude/product-okr-tracker)HTML
<a href="https://mondoo.com/ai-agent-security/skills/github/viditparashar96/second-brain-claude/product-okr-tracker"><img src="https://mondoo.com/ai-agent-security/api/badge/github/viditparashar96/second-brain-claude/product-okr-tracker.svg" alt="Mondoo Skill Check" /></a>Image URL
https://mondoo.com/ai-agent-security/api/badge/github/viditparashar96/second-brain-claude/product-okr-tracker.svgSecure your AI agents
Skills can read files, run commands, and access credentials. Mondoo helps organizations manage the security risks of AI agent skills across their entire fleet.
- Continuous scanning of skills across all registries
- Policy enforcement before skills reach your agents
- Integration with your existing security workflow