Dharma Learning

Security checks across malware telemetry and agentic risk

Overview

This is a mostly text-only Buddhist study skill, but it contains undeclared business, prediction-market, and purchase/crypto-related scope that users should review before installing.

Review before installing. Do not grant this skill purchase, payment, wallet, crypto, or financial permissions unless those capabilities are removed or separately reviewed. Remove or quarantine the monetization and weather-trading files if the skill is intended to be Dharma-only, and avoid placing sensitive personal notes in dharma/ unless you are comfortable with local persistence and later reuse.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands

Findings (13)

Description-Behavior Mismatch

High

Confidence: 97% confidence
Finding: The file is clearly a monetization and business-growth playbook rather than content supporting a Buddhist learning skill. This scope drift is dangerous because users may enable or trust the skill for a benign educational purpose while it actually steers agent behavior toward commercialization, outreach, and service deployment outside the declared function.

Context-Inappropriate Capability

Medium

Confidence: 94% confidence
Finding: The content promotes business development, commercialization, and deployment of client-facing AI services that are not justified by the stated Buddhist learning purpose. In a skill ecosystem, this mismatch can mislead reviewers and users, increasing the chance that the skill is used to perform actions or recommendations beyond expected trust boundaries.

Description-Behavior Mismatch

High

Confidence: 98% confidence
Finding: The file is materially unrelated to the declared Buddhist learning purpose and instead stores a detailed playbook for weather-based trading intelligence and monetization. This kind of scope drift is dangerous because it can cause the agent to assist with financially sensitive, legally adjacent, and operationally risky tasks that users would not reasonably expect from a Dharma-learning skill.

Context-Inappropriate Capability

High

Confidence: 97% confidence
Finding: The document actively promotes commercial trading-adjacent intelligence, alerting, API services, and revenue generation workflows that are unjustified for the stated skill purpose. In context, this broadens the agent from religious education into operational market surveillance and monetization support, increasing the chance of misuse, regulatory exposure, and deceptive capability creep.

Missing User Warnings

Medium

Confidence: 87% confidence
Finding: The README states that generated summaries are automatically saved and remembered, but it does not clearly warn users about persistent file creation, retention, or the sensitivity of content that may be written to disk. This can lead to unintentional storage of private study notes, copied source material, or sensitive prompts in a predictable workspace location, which is a real privacy and data-governance issue even if the feature is intended as convenience.

Missing User Warnings

Medium

Confidence: 89% confidence
Finding: The skill states it will save learned content to a local `learned/` folder and build cumulative knowledge over time, but it does not clearly warn users that their prompts, summarized content, or derived material may be written to disk automatically. This creates a privacy and persistence risk because sensitive user inputs or copyrighted/internal source material could be stored unintentionally and remain available to later users, tools, or processes.

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The skill advertises searching a local `dharma/` folder and also querying external web sources, but it does not warn that local content or user questions may be transmitted to third-party sites or services. This is dangerous because users may assume all analysis is local, while sensitive notes, transcripts, or personal study materials could influence outbound queries and leak private information.

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: The document recommends client-facing bots for FAQs, complaints, scheduling, and lead handling without any safeguards around privacy, data handling, accuracy, consent, or regulatory compliance. If operators follow this guidance, they could deploy systems that mishandle personal or business data, provide incorrect information to customers, or create liability in regulated interactions.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The file proposes AI-driven Buddhist coaching and on-demand coaching sessions without warning about the limitations of automated guidance, risk of harmful advice, or the need for human oversight. In a spiritual or coaching context, users may place undue trust in the system, creating heightened risk of psychological harm, misguidance, or inappropriate handling of vulnerable individuals.

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The document gives generalized activation guidance for advanced spiritual/psychological practices without tightly defining who should use it, under what prerequisites, or when it should not be followed. In an autonomous learning skill, that ambiguity can cause vulnerable users to self-apply destabilizing practices outside safe contexts, especially because the content frames these methods as a progression toward higher consciousness.

Missing User Warnings

High

Confidence: 95% confidence
Finding: The file introduces actionable instructions for breathwork, shamanic journeying, lucid dreaming, and psychedelic use before presenting strong safety warnings and contraindications later in the document. Users may act on the early practice guidance without reaching the later warnings, which is especially dangerous because the skill context presents the material as practical activation methods for transcendent states and includes high-dose psychedelic references.

Vague Triggers

Medium

Confidence: 89% confidence
Finding: The query string "Replicate the $101K weather trading student system" is broad and optimization-oriented, making it likely to match requests about copying a profitable system rather than a narrow, safe educational use case. That increases the risk that the agent will surface or operationalize trading-adjacent content for users seeking circumvention, arbitrage, or monetization help.

Missing User Warnings

Medium

Confidence: 91% confidence
Finding: The document describes continuous monitoring, Telegram alerts, email digests, and automated drafting workflows without clear safeguards around data handling, recipient consent, outbound messaging, rate limits, or operational review. Even if the underlying weather data is public, the automation and external communications create privacy, abuse, and unintended-action risks that are not disclosed or controlled.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal