Get You Some Britches

Security checks across malware telemetry and agentic risk

Overview

This is a pants-shopping helper with some over-broad joke triggers, but the inspected files do not show hidden access, credential use, persistence, or malicious behavior.

Install if you are comfortable with a humorous pants-shopping skill that may trigger from jokes or relationship complaints. Prefer using it only for explicit clothing searches, and review browser actions before letting an agent run retailer automation or JavaScript eval.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 89% confidence
Finding: The trigger conditions are broad enough to match common conversational statements such as relationship complaints, which can cause the skill to activate outside a clear shopping intent. Over-broad activation can lead to unintended tool invocation, irrelevant retailer queries, or context hijacking that interferes with the user's actual request.

Vague Triggers

Medium

Confidence: 92% confidence
Finding: Subjective phrases like 'your lower half has been neglected' and 'you've been pushing to prod in your underwear for too long' are ambiguous and likely to overlap with ordinary jokes or unrelated discussion. In an agent setting, this increases the risk of accidental activation and inappropriate behavior selection, reducing reliability and potentially triggering external lookups without clear user consent.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal