Security audit

auto-context

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed conversation-health reminder skill with no executable code or data-transfer behavior, though its automatic reminders may affect normal responses.

Install this only if you want an agent to monitor conversation flow and occasionally add short reminders. If you prefer strictly manual behavior, configure or use it through /auto-context only where your agent platform allows that.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium (88% confidence)

Finding: The skill defines automatic activation in a broad, response-layer way rather than as a tightly scoped command. In practice, this can cause unsolicited behavior changes during normal conversation, creating prompt-scope creep and unintended interception of unrelated user requests.

Vague Triggers

Medium (79% confidence)

Finding: The trigger keywords include generic phrases like '上下文检查', 'context check', and 'context hygiene', which may appear in ordinary discussion rather than an intentional skill invocation. This raises the risk of accidental activation and response hijacking, especially in long meta-discussions about prompts, context, or agent behavior.

VirusTotal

65/65 vendors flagged this skill as clean.


Static analysis

No suspicious patterns detected.