Devin 192ac1

Security checks across malware telemetry and agentic risk

Overview

The skill appears mismatched and likely auto-merged: it presents itself as Devin help but includes unrelated drawing and sports content with broad triggers.

Review this skill carefully before installing. It does not appear to perform dangerous actions, but its contents and triggers are inconsistent, so it may activate unexpectedly or provide off-topic instructions. Install only if the publisher cleans up the skill so the name, description, triggers, and body all match one clear purpose.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (9)

Intent-Code Divergence

Medium

Confidence: 95% confidence
Finding: The skill starts as a Devin/AI-platform skill but later redefines itself as a drawing tutorial and includes unrelated sports content. This semantic drift can cause the wrong skill to activate or mislead downstream agents and users about what behavior the skill will provide, undermining trust and increasing the chance of incorrect or unsafe execution paths.

Description-Behavior Mismatch

Medium

Confidence: 96% confidence
Finding: The manifest and top-level description present this as Devin guidance, but much of the body shifts to unrelated drawing and sports videos. Such inconsistency can poison retrieval, trigger mismatched automation, and cause an agent to provide irrelevant or unintended assistance under a trusted skill identity.

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The trigger '用户需要Devin相关帮助' is broad and likely to match ordinary requests for general Devin help rather than a narrowly defined skill invocation. Overbroad triggers increase accidental activation risk, especially in systems that auto-select skills based on natural language similarity.

Vague Triggers

Medium

Confidence: 89% confidence
Finding: The trigger phrase '用户说"绘画教程"' is generic and common, making accidental activation plausible in unrelated conversations about art instruction. In a mixed-content skill, this is more dangerous because it can invoke a mislabeled skill under the wrong domain context.

Vague Triggers

Medium

Confidence: 90% confidence
Finding: The help-request trigger '用户需要devin-192ac1相关帮助' is ambiguous because many benign support requests could satisfy it without the user intending to invoke this specific skill. This can lead to unintended routing and exposure to incorrect instructions from the merged, inconsistent content.

Vague Triggers

Medium

Confidence: 89% confidence
Finding: The repeated generic trigger '用户说"绘画教程"' remains too broad and can collide with normal educational requests. Because the skill content is already inconsistent, accidental activation may produce unrelated or misleading responses under an incorrect skill identity.

Vague Triggers

Medium

Confidence: 90% confidence
Finding: The repeated help-based trigger '用户需要devin-192ac1相关帮助' is under-specified and may activate on broad support queries. In practice, this can cause incorrect skill selection and propagate low-quality or off-topic guidance from the malformed merged content.

Vague Triggers

Medium

Confidence: 89% confidence
Finding: The later repeated trigger '用户说"绘画教程"' still overlaps with commonplace user phrasing and lacks sufficient specificity. Broad triggers are especially risky here because the skill has multiple unrelated identities merged into one document, increasing misrouting likelihood.

Vague Triggers

Medium

Confidence: 90% confidence
Finding: The repeated broad help trigger '用户需要devin-192ac1相关帮助' lacks clear activation boundaries and can match ordinary user requests. This makes the skill easier to invoke unintentionally, which is more dangerous given the document's topic confusion and auto-merged structure.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal