Back to skill

Security audit

xquads-copy-chief

Security checks across malware telemetry and agentic risk

Overview

This appears to be a copywriting helper with some overbroad and inconsistent wording, but no evidence of hidden execution, credential use, persistence, or external actions.

Reasonable to install for copywriting help. Before relying on it, confirm when it should draft final copy versus only route the request, and be cautious with sensitive email, legal, medical, financial, political, or regulated marketing content.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Description-Behavior Mismatch

Medium
Confidence
91% confidence
Finding
The skill claims it only diagnoses and routes requests, but the instructions later direct it to switch persona and execute the specialist's copywriting framework itself. This mismatch can mislead supervising systems, users, or policy layers about the skill's actual behavior and expand its effective privileges beyond what the manifest implies.

Intent-Code Divergence

Medium
Confidence
90% confidence
Finding
The documentation explicitly says the skill must not write copy directly, then later instructs it to assume a specialist persona and perform the copywriting task. Contradictory instructions create an integrity and control problem because enforcement mechanisms may rely on the earlier restriction while the later steps bypass it in practice.

Vague Triggers

Medium
Confidence
82% confidence
Finding
The description says to use the skill for any copywriting request, which is overly broad and encourages invocation outside a narrowly defined, least-privilege scope. Broad routing criteria can cause the skill to intercept unrelated or sensitive requests and produce persuasive content in contexts that should require tighter review.

Vague Triggers

Medium
Confidence
94% confidence
Finding
The trigger list includes very broad, common copywriting terms such as "copy" and "email", which can cause the skill to activate in many unrelated contexts. In an orchestrator skill, this increases the chance of unintended routing, prompt hijacking opportunities via accidental invocation, and workflow confusion rather than direct code execution risk.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.