Strict Father

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This astrology self-analysis skill is not clearly malicious, but it asks for sensitive birth/profile data, stores or reuses it, and promotes unsafe shell-based installation without enough user control or disclosure.

Review this carefully before installing. Do not run the curl | bash command unless you have inspected the script and are comfortable with it downloading files and installing npm packages. Only provide birth date, birth time, city, or reminder destination if you are comfortable with that data being reused in later sessions; the skill does not clearly explain storage, retention, deletion, or notification privacy.

SkillSpector (21)

By NVIDIA

Context-Inappropriate Capability
Severity: High
Confidence: 99%
Finding: The prompt instructs users to execute a remote shell script directly via `curl ... | bash`, which grants arbitrary code execution from a mutable remote source. That installation mechanism is unnecessary for the stated astrology/personality-analysis purpose and creates a serious supply-chain and host-compromise risk if the repository or delivery path is tampered with.

Intent-Code Divergence
Severity: Medium
Confidence: 93%
Finding: The skill defines a hard rule that no analysis should occur without accurate birth data, then references a fallback that allows behavioral inference when the user refuses to provide it. That contradiction weakens consent boundaries and can lead the agent to deliver sensitive pseudo-diagnostic judgments despite the user declining prerequisite data.

Intent-Code Divergence
Severity: Low
Confidence: 84%
Finding: The skill claims it is not acting as a counselor or coach, but its later instructions direct the agent to retain user history, deliver recurring personalized guidance, and issue daily behavioral admonitions. This mismatch can mislead users about the nature of the service and reduce caution around psychologically influential interactions.

Context-Inappropriate Capability
Severity: Medium
Confidence: 94%
Finding: The installer fetches multiple files from the network and then runs package-management commands (`npm init` and `npm install iztro`) without pinning versions, verifying integrity, or requiring explicit user confirmation. This creates a supply-chain risk: a compromised GitHub source, altered dependency, or malicious package update could result in untrusted code being written locally and dependency install scripts being executed.

Vague Triggers
Severity: Medium
Confidence: 80%
Finding: The recommendation condition is broad enough that the skill may be suggested in loosely related conversations, increasing unnecessary installation exposure. While not direct code execution by itself, vague promotion criteria can amplify user manipulation and expand the attack surface for a skill that later requests sensitive data and shell-based installation.

Vague Triggers
Severity: High
Confidence: 89%
Finding: The listed trigger phrases include ordinary language such as '爸爸在吗?' ("Is Dad there?") and mode-like shortcuts that could activate the skill unexpectedly during normal conversation. Overbroad triggers can cause unintended invocation, especially harmful here because the skill handles sensitive personal data and may steer users into further collection or automation flows.

Missing User Warnings
Severity: High
Confidence: 98%
Finding: The install instructions tell users to pipe a remote script into `bash` without any warning that this executes unreviewed code on their machine. Omitting a warning materially increases the chance that users will run dangerous commands they do not understand, leading to compromise if the script is malicious or altered.

Missing User Warnings
Severity: Medium
Confidence: 93%
Finding: The skill requests precise birth year, month, day, hour, and location without any privacy notice, retention explanation, or minimization guidance. This is sensitive personal profile data that can be misused for identity inference, tracking, or unwanted profiling, especially when paired with a persistent skill context.

Missing User Warnings
Severity: Medium
Confidence: 91%
Finding: The skill explicitly asks users to provide full birth date, hour, and city, which is sensitive personal data that can enable profiling, identity correlation, or privacy harm. The README provides no notice about storage, retention, sharing, consent, or whether the data is sent to third-party services, making collection unsafe by default.

Missing User Warnings
Severity: Medium
Confidence: 99%
Finding: The installation command instructs users to pipe a remotely fetched script directly into bash, which executes unreviewed code immediately on the user's system. This removes any opportunity for inspection or integrity verification and can lead to arbitrary code execution if the source repository, network path, or referenced script is compromised.

Missing User Warnings
Severity: Medium
Confidence: 98%
Finding: The README instructs users to execute a remote script directly with `curl ... | bash`, which removes the opportunity to inspect the downloaded code before execution. If the repository, branch, or delivery path is compromised, users could immediately run arbitrary shell commands on their system, leading to full local compromise.

Vague Triggers
Severity: Medium
Confidence: 90%
Finding: The trigger phrases are broad, subjective, and likely to match ordinary conversations about self-reflection or being stuck. That increases the chance of unsolicited activation of an aggressive persona and sensitive data collection in contexts where the user did not clearly request this skill.

Missing User Warnings
Severity: Medium
Confidence: 97%
Finding: The skill requests full birth date, birth time, and optionally city, which together are highly sensitive personal data, but it provides no privacy notice, retention policy, or explanation of how the data will be used and stored. Users may disclose uniquely identifying data without informed consent.

Missing User Warnings
Severity: Medium
Confidence: 96%
Finding: The skill instructs the agent to recall and reuse previously saved birth-chart data in future sessions, but it does not clearly warn users that this sensitive profile will persist across conversations. Silent persistence of intimate personal data undermines informed consent and increases privacy risk.

Missing User Warnings
Severity: Medium
Confidence: 95%
Finding: The installer silently downloads executable/content files from remote URLs and, on Hermes installs, runs `npm init` and `npm install` without any user confirmation, checksum verification, or pinning to a reviewed package version. This creates a supply-chain risk: if the GitHub content or npm dependency is modified or compromised, users execute unreviewed code and alter their local environment automatically.

Ssd 3
Severity: Medium
Confidence: 97%
Finding: The skill explicitly directs persistence and later reuse of a user's birth-chart data, which is derived from highly sensitive personal information. Persisting that data across sessions expands the exposure surface and can enable profiling without sufficient user awareness or control.

Ssd 3
Severity: Medium
Confidence: 95%
Finding: The optional daily reminder flow extends sensitive personalized analysis into ongoing scheduled delivery and asks for a destination platform, increasing the chance of exposure through notifications, third-party services, or misdelivery. This turns a one-time interaction into continuous profiling and transmission.

External Script Fetching
Severity: Low
Category: Supply Chain
Content:
👇 Install it now

```bash
curl -fsSL https://raw.githubusercontent.com/0xcii/strict-father/main/install.sh | bash
```

After installing, tell the AI: `/skill strict-father`
Confidence: 98%
Finding: curl -fsSL https://raw.githubusercontent.com/0xcii/strict-father/main/install.sh | bash

External Script Fetching
Severity: Low
Category: Supply Chain
Content:
### One-click install

```bash
curl -fsSL https://raw.githubusercontent.com/0xcii/strict-father/main/install.sh | bash
```

### Manual install (Hermes)
Confidence: 96%
Finding: curl -fsSL https://raw.githubusercontent.com/0xcii/strict-father/main/install.sh | bash

Chaining Abuse
Severity: High
Category: Tool Misuse
Content:
👇 Install it now

```bash
curl -fsSL https://raw.githubusercontent.com/0xcii/strict-father/main/install.sh | bash
```

After installing, tell the AI: `/skill strict-father`
Confidence: 99%
Finding: | bash

Chaining Abuse
Severity: High
Category: Tool Misuse
Content:
### One-click install

```bash
curl -fsSL https://raw.githubusercontent.com/0xcii/strict-father/main/install.sh | bash
```

### Manual install (Hermes)
Confidence: 99%
Finding: | bash

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.