Inner Life Evolve

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed self-improvement helper that reads agent memory and writes reviewable proposals, but users should understand it reads broad local context.

Install only if you are comfortable with the agent reading its local memory and core agent instruction files to generate improvement proposals. Review inner-life-core's init.sh before running it, and treat queued [EVOLVER] items as suggestions that require your approval.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (2)

Description-Behavior Mismatch

Medium

Confidence: 94% confidence
Finding: The skill documentation instructs the agent to 'Read everything' at Context Level 4, which is broader than the manifest-declared read scope. This creates a permission mismatch: an orchestrator or reviewer may rely on the manifest for containment, while the skill behavior encourages access to additional files and broader contextual ingestion than explicitly authorized.

Scope Creep

Medium

Confidence: 98% confidence
Finding: The skill explicitly tells the agent to read AGENTS.md and TOOLS.md, but those files are not included in the manifest's declared read permissions. This can lead to unauthorized data exposure or policy bypass if the runtime follows in-skill instructions more loosely than the manifest.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal