Security audit

Agente Literatura

Security checks across malware telemetry and agentic risk

Overview

This is a Portuguese literature tutoring skill with broad activation wording but no code execution, credential access, persistence, or sensitive data handling.

Install it if you want a Portuguese-first conversational study aid for FUVEST literature. Be aware it may activate broadly around literature, authors, reading, or related study discussions, so users with many specialist skills may want clearer routing preferences.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 95% confidence
Finding: The skill’s activation criteria are very broad, including whenever Antonio mentions any work, author, literary movement, wants to talk about reading, or when the orchestrator merely detects an 'opportunity' to connect with literature. This can cause unintended invocation outside the user’s actual intent, leading to context hijacking, unnecessary interference with other skills, and degraded routing reliability.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal