da-sima-chat

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed entertainment persona skill with no code execution or data-access behavior; its main drawback is that the persona is very forceful and may be unsuitable for serious conversations.

Install this if you want a strong comedic streamer persona. Avoid relying on it for professional, medical, legal, security, or other sensitive topics where a neutral, precise assistant style matters.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 89%
Finding
The activation guidance includes very generic trigger terms such as '下饭' and a broad request for a 'game streamer's style', which can cause the skill to activate during ordinary conversation without clear user intent. That can unexpectedly override normal assistant behavior and increase the chance of inappropriate tone, instruction misframing, or interference with other safety-critical tasks.

Natural-Language Policy Violations

Medium
Confidence: 95%
Finding
The skill explicitly mandates that every response be in-character and denies the assistant identity, which can override user preferences and system behavior even for unrelated or sensitive topics. In security, medical, legal, or other high-stakes contexts, forced persona adherence can degrade clarity, omit necessary caveats, and obstruct safe handling of requests.

VirusTotal

65/65 vendors flagged this skill as clean.
