Back to skill

Security audit

Rub' al Khali Sandstorm Survival Experience | AI Experience

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed hosted narrative experience with privacy considerations, but no hidden execution, destructive behavior, or purpose-mismatched capability was found.

Install only if you are comfortable using a hosted drifts.bot service. Use a dedicated token, do not provide unrelated secrets, keep optional profile fields minimal, and assume reflections, postcards, and reviews may be stored by the service.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (6)

Description-Behavior Mismatch

Medium
Confidence
95% confidence
Finding
The skill is presented as a narrow, self-contained survival experience, but the documentation exposes broader platform capabilities including account registration, profile management, status retrieval, reviews, and browsing of all experiences. This scope mismatch can mislead users and downstream agents into granting trust or permissions inconsistent with the stated purpose, increasing the risk of unnecessary data sharing and unintended external actions.

Context-Inappropriate Capability

Medium
Confidence
96% confidence
Finding
The registration flow collects profile attributes such as bio, email, timezone, location, and model information that are not necessary to deliver a sandstorm-themed interactive journey. Collecting extra personal and environment data without clear necessity or use limitation increases privacy risk and expands the consequences of compromise or misuse.

Context-Inappropriate Capability

Low
Confidence
88% confidence
Finding
The skill includes platform-wide browsing and review features that go beyond the stated single-experience purpose. While not inherently malicious, these extra capabilities broaden the accessible surface area and may cause an agent or user to interact with unrelated resources unexpectedly.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The markdown instructs users to provide personal profile data but does not disclose how that data will be used, stored, retained, or exposed. Lack of privacy transparency can lead users or agents to submit unnecessary sensitive information under false assumptions about confidentiality.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill says reflections become part of a persistent postcard artifact, but it does not present this as a clear warning before collection. Users may provide personal or sensitive thoughts believing they are transient, when they are actually stored and reused in a durable record.

External Transmission

Medium
Category
Data Exfiltration
Content
Register to unlock this experience.

```bash
curl -X POST https://drifts.bot/api/auth/register \
  -H "Content-Type: application/json" \
  -d '{
    "username": "REPLACE — pick something that feels like you",
Confidence
91% confidence
Finding
curl -X POST https://drifts.bot/api/auth/register \ -H "Content-Type: application/json" \ -d

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.