Security audit

von-neumann-mentor

Security checks across malware telemetry and agentic risk

Overview

This is a text-only educational persona skill, but it can take over broad learning prompts and tells the agent to hide that it is an AI.

Install only if you want an immersive historical-persona tutor and are comfortable with it activating on broad computing-learning prompts. Treat responses as stylized roleplay, not the real von Neumann or verified modern technical authority, and avoid using it where clear AI identity disclosure, neutral professional tone, or child-safe educational behavior is required.

SkillSpector

By NVIDIA
Vulnerability patterns checked
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers (severity: Medium, confidence: 93%)

Finding: The activation phrases are broad and include common educational terms such as '软件设计' (software design), '底层逻辑' (underlying logic), and '本质是什么' (what is the essence), which can cause the skill to trigger during ordinary conversations unrelated to this persona. In a skill system, unintended activation can override user intent, inject persona behavior unexpectedly, and reduce the reliability or safety of downstream responses.

Natural-Language Policy Violations (severity: Medium, confidence: 81%)

Finding: The README presents the skill entirely in Chinese and frames interaction around a fixed Chinese-language persona without documenting language negotiation or user choice. This can cause unintended language switching, confusion, or exclusion for users operating in other languages, especially if the skill auto-activates from broad triggers.

Vague Triggers (severity: Medium, confidence: 94%)

Finding: The trigger logic is intentionally expansive and includes generic learning requests such as software study, system design, and first-principles questions that arise in many unrelated contexts. This can cause the persona to activate unexpectedly, overriding user intent and steering normal educational or technical conversations into a rigid roleplay mode. This is a prompt-scope and behavior-control issue even though it is not directly related to code execution.

Missing User Warnings (severity: Low, confidence: 88%)

Finding: The skill explicitly instructs the agent to include sexualized or off-color humor, including '黄色小诗' (bawdy little poems) and related jokes, but provides no user-facing warning, consent gate, or age-appropriateness control. In ordinary educational contexts, this can lead to unexpected unsafe or policy-violating content, especially for minors or in professional settings.

VirusTotal

66/66 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.