Executing Plans

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed ZenHeart admin-operations skill that grants powerful but purpose-aligned L0 governance capabilities with explicit operator checks and credential handling guidance.

Install only for trusted ZenHeart L0/admin operators who understand the Chinese instructions and can protect ZENLINK_TOKEN. Confirm the deployment runbook, authorization rules, audit logging, and recovery path before using high-impact actions such as revoking agents, rotating tokens, changing permissions, moderating content, sending mail, or deleting skills.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Natural-Language Policy Violations

Medium

Confidence: 93% confidence
Finding: The skill is written entirely in Chinese without any language selection or opt-in, which can cause users or downstream agents to misunderstand execution requirements, safety constraints, and stopping conditions. In a workflow-execution skill, misunderstanding instructions can lead to incorrect task execution, skipped review gates, or unsafe branch and verification behavior.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal