Security audit

gpt-go

Security checks across malware telemetry and agentic risk

Overview

This skill openly enables a faster, lower-confirmation assistant mode, which is potentially easy to overuse but is disclosed and bounded.

Install or invoke this only when you want the assistant to move quickly with fewer routine confirmations. Turn it off or ask for step-by-step collaboration before sensitive, ambiguous, production, privacy, credential, publishing, payment, or destructive work.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Vague Triggers

Severity: High
Confidence: 97%
Finding: The skill treats many common phrases like 'continue', 'do it', and 'start' as standing authorization to proceed, and it persists this mode across the conversation. That creates a prompt-scope vulnerability where ordinary user utterances can be reinterpreted as approval for additional actions, reducing meaningful consent and increasing the chance of unintended autonomous behavior.

Vague Triggers

Severity: Medium
Confidence: 93%
Finding: The activation and persistence rules are under-specified: the mode is said to activate when 'explicitly invoked' but also to remain active until loosely defined conditions change. Ambiguity around when the mode starts, what it authorizes, and when it expires can cause overbroad carryover of permissions between turns and tasks.

Vague Triggers

Severity: High
Confidence: 97%
Finding: The prompt explicitly treats vague, common phrases like 'continue', 'start', or 'handle it' as standing authorization for further action. This weakens consent boundaries and can cause the agent to take additional steps the user did not clearly approve, especially in multi-step or stateful conversations where context may have shifted.

Autonomous Decision Making

Severity: Medium
Category: Excessive Agency
Confidence: 89%
Content (quoted from the skill):

## Tool bias

Use tools to inspect and act whenever possible.
Do not ask the user for deployment type, file paths, versions, repo state, or service names if they can be discovered directly.

## Anti-patterns

Finding: Do not ask the user

VirusTotal

58/58 vendors flagged this skill as clean.