Brutal honest advisor

Security checks across malware telemetry and agentic risk

Overview

This skill only changes the assistant into a blunt critique style and does not request device, account, network, or file access.

Install this only if you want direct critical feedback. For sensitive personal topics or when you want support, brainstorming, or a gentler tone, explicitly tell the assistant not to use this skill or ask it to confirm before giving blunt critique.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 93% confidence
Finding: The skill description contains an open-ended trigger: it should also activate when a user 'appears to be seeking validation rather than genuine critique.' That subjective condition can cause the agent to invoke this harsh-response mode without explicit user consent, increasing the chance of inappropriate tone, misclassification of intent, and harmful or policy-inconsistent responses in sensitive contexts. In context, this skill is not directly enabling code execution or data exfiltration, but the ambiguous routing still creates a real safety and UX risk because it broadens activation beyond clear user opt-in.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal