Security audit

Xiaobai Self-Improvement

Security checks across malware telemetry and agentic risk

Overview

This skill is not malicious, but it asks the agent to create permanent behavior rules from mistakes without clear review or deletion controls.

Install only if you want the agent to keep long-lived mistake logs and behavior rules. Review memory/mistakes.json and WORK_RULES.md regularly, avoid storing sensitive user content in them, and require explicit confirmation before any correction becomes a permanent rule.

SkillSpector

By NVIDIA
Vulnerability Patterns

  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium severity, 94% confidence

Finding

The skill directs the agent to persist mistakes and auto-generate rules in local files without user consent, retention limits, or validation of what gets stored. This creates a durable prompt/policy injection surface and can also persist sensitive user content or adversarial instructions across sessions, influencing future behavior in unintended ways.

VirusTotal

66/66 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.