Liuyao Yijing — 六爻易经占卜

Security checks across malware telemetry and agentic risk

Overview

This is a markdown-only Yijing divination skill with disclosed, limited preference memory and no executable code or network behavior.

Before installing, understand that the skill can reuse saved preference notes from specific local MEMORY.md files and may update its own preference file when you explicitly state preferences. Keep those memory files free of sensitive information, and treat divination output about health, finance, legal matters, or major life choices as entertainment or reflection rather than professional advice.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Missing User Warnings

Medium

Confidence: 91% confidence
Finding: The skill explicitly reads from local MEMORY.md files and may write user preferences without providing a clear user-facing notice at the point of use. This creates a privacy and consent risk because users may not realize personal preference data is being persisted across sessions or shared from a sibling repository path.

VirusTotal

49/49 vendors flagged this skill as clean.

View on VirusTotal