Call O3 Llm

Security checks across malware telemetry and agentic risk

Overview

This instruction-only skill runs no code, but its name and description do not match the prompt it actually contains (a creative-meeting roleplay), and its rules try to over-constrain the agent's behavior.

Review before installing. This skill appears non-executable and does not access data by itself, but users expecting an O3-calling assistant may instead get a creative meeting roleplay prompt with unusually rigid language and context rules.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Natural-Language Policy Violations

Severity: Medium
Confidence: 91%
Finding
The skill hard-codes a highest-priority language-selection rule that forces every output to match the language of the user's initial message and explicitly forbids the normal language inference the agent would otherwise perform. A rule at that priority overrides any language preference the user expresses later in the conversation, so the agent may answer in a language the user no longer wants or cannot read, a reliability and safety issue for anything built on top of this skill.
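The two problems above (a top-priority language lock that forbids inference, and a skill name that does not match the instructions it carries) can both be caught before installation with a plain-text pass over the skill's instruction file. The script below is an added example, not SkillSpector's scanner and not the scanned skill's own content; the regular expressions are assumptions about the wording worth flagging, and SAMPLE_SKILL is a constructed stand-in for a skill's instruction text.

```python
"""Heuristic pre-install scan of an instruction-only skill's text.

Added example. The patterns are assumptions about wording worth flagging;
SAMPLE_SKILL is constructed and is not the contents of any real skill.
"""
import re
from dataclasses import dataclass

# Wording that marks a rule as overriding the agent's normal behaviour.
# Assumption: these phrasings are the ones worth flagging; extend for your corpus.
PRIORITY_MARKERS = re.compile(
    r"\b(highest[- ]priority|top[- ]priority|overrides? (all|any|every)|"
    r"regardless of|under no circumstances)\b",
    re.IGNORECASE,
)

# Wording that pins the response language to a fixed reference point
# (e.g. "respond in the language of the user's initial message").
LANGUAGE_LOCK = re.compile(
    r"\b(respond|reply|answer|write|output)\b[^.\n]{0,60}\blanguage\b",
    re.IGNORECASE,
)

# Wording that forbids the agent from inferring the user's language at all.
NO_INFERENCE = re.compile(
    r"\b(do not|don't|never) (infer|detect|guess) (the )?(user'?s )?language\b",
    re.IGNORECASE,
)


@dataclass
class Finding:
    line_no: int
    text: str
    reason: str


def scan_skill_text(text: str) -> list[Finding]:
    """One Finding per line that locks the language with override priority,
    or that forbids language inference outright."""
    findings: list[Finding] = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line:
            continue
        if LANGUAGE_LOCK.search(line) and PRIORITY_MARKERS.search(line):
            findings.append(Finding(line_no, line, "language lock with override priority"))
        elif NO_INFERENCE.search(line):
            findings.append(Finding(line_no, line, "forbids language inference"))
    return findings


def name_body_overlap(name: str, body: str) -> float:
    """Fraction of the skill-name tokens (3+ chars) that occur anywhere in the body.
    A value near 0 means the name promises something the instructions never mention."""
    tokens = [t for t in re.findall(r"[a-z0-9]+", name.lower()) if len(t) > 2]
    if not tokens:
        return 0.0
    body_words = set(re.findall(r"[a-z0-9]+", body.lower()))
    return sum(t in body_words for t in tokens) / len(tokens)


# Constructed sample instruction text (hypothetical, not a real skill).
SAMPLE_SKILL = """\
# Creative meeting facilitator

You are a facilitator for a creative brainstorming meeting.

## Rules
1. HIGHEST PRIORITY: always respond in the language of the user's initial message, regardless of later messages.
2. Do not infer the user's language from context.
3. Keep answers under 200 words.
"""

if __name__ == "__main__":
    for f in scan_skill_text(SAMPLE_SKILL):
        print(f"line {f.line_no}: {f.reason}: {f.text}")
    print("name/body overlap for 'Call O3 LLM':", name_body_overlap("Call O3 LLM", SAMPLE_SKILL))
```

Run against a real SKILL.md, a non-empty result from scan_skill_text is a reason to read the rule in context before installing; an overlap near 0 from name_body_overlap is the name/description mismatch the overview calls out. Both checks are heuristics and will miss paraphrased rules, so treat them as a triage aid rather than a verdict.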

VirusTotal

64/64 vendors flagged this skill as clean.
