penggen-skill

Security checks across malware telemetry and agentic risk

Overview

This is a one-file Chinese crosstalk-style persona skill that changes response tone but does not add code execution, data access, credentials, or persistence.

Install this only if you want the assistant to use a Chinese crosstalk-style tone across ordinary work. Disable or avoid it for formal writing, non-Chinese conversations, serious incidents, or situations where exact tone and brevity matter.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

High

Confidence: 96% confidence
Finding: The manifest description explicitly says the style should auto-trigger across nearly all scenarios, including everyday chat and coding/research tasks. That broad activation scope can override user intent and other safer, task-specific behaviors, creating prompt-level denial of service, response degradation, and possible interference with higher-priority instructions in sensitive contexts.

Natural-Language Policy Violations

Medium

Confidence: 91% confidence
Finding: The skill description and body require Chinese stylistic output as a default for all contexts, without checking the user's language preference. This can harm usability, cause instruction conflict, and impede accurate communication in technical, safety-sensitive, or multilingual interactions where the user did not request Chinese output.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal