Play Smart

Security checks across malware telemetry and agentic risk

Overview

This is a playful, instruction-only style skill with no code or permissions, though it can make answers intentionally overcomplicated or fact-like for entertainment.

Install this only if you want a comedic over-intellectual answer style. Avoid using it for factual, academic, medical, legal, financial, or safety-critical questions unless you explicitly ask the agent to answer plainly and verify sources.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Natural-Language Policy Violations

Medium

Confidence: 87% confidence
Finding: The skill explicitly instructs the agent to mix Chinese and English as part of its persona styling without requiring user opt-in. While this is primarily a quality and usability issue rather than a direct security exploit, it can reduce clarity, override user language expectations, and make important information harder to understand in sensitive contexts.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal