Education

Security checks across malware telemetry and agentic risk

Overview

This education skill is a local study helper that stores progress on the device and does not show hidden network, credential, or privileged behavior.

Install only if you are comfortable running a local bash/python helper. Progress topics and milestones may remain in ~/.education/progress.json until you delete them or run the documented reset command, so avoid recording sensitive study history on shared systems.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Low

Confidence: 93% confidence
Finding: The skill states that progress data is stored in ~/.education/progress.json but does not warn users about persistence, sensitivity of study history, or the effect of --reset. This can lead to unintentional retention or deletion of user data, especially on shared systems or when users assume the skill is stateless.

VirusTotal

61/61 vendors flagged this skill as clean.

View on VirusTotal