Back to skill

Security audit

LYGO Prompt Implant System

Security checks across malware telemetry and agentic risk

Overview

This skill is not shown to be malware, but it is designed to ingest and reuse potentially leaked or proprietary system prompts without clear authorization or data-handling limits.

Install only if you intend to analyze prompts you own or are authorized to use. Treat imported prompt files and URLs as sensitive, avoid confidential or leaked third-party material, and inspect the external LYGO stack tools before running the install, ingest, implant, anchor, or egg commands.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
91% confidence
Finding
As a markdown file, this content is in scope for vague-trigger review. Phrases like 'massive opportunity' and 'building a catalog of cognitive workflows' do not clearly define when the skill should or should not be invoked, and there are no exclusion conditions or concrete trigger boundaries to prevent unintended use.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
This markdown file describes ingesting user-supplied files and URLs containing external system prompts, which can affect privacy and data handling. The description does not warn users about reviewing sensitive content, source trust, or potential handling of confidential prompt material before use.

Ssd 3

Medium
Confidence
81% confidence
Finding
The file explicitly says to ingest external system prompts from user-supplied files or URLs, extract patterns, and build a catalog without shipping leaked text in git. Even without explicit exfiltration terminology, this is natural-language guidance to collect and retain sensitive prompt material derived from outside sources.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.