Caveman输出压缩器

Security checks across malware telemetry and agentic risk

Overview

This skill only changes response style to be very terse, with no code execution, data access, network use, or install-time behavior.

Install this only if you want terse, fragment-style answers by default. Use the documented stop phrases when normal wording or more nuance matters, especially for medical, legal, security, financial, or other high-stakes topics.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The skill explicitly states that its response transformation applies to every response and is not optional, but it does not require user awareness or consent. This can silently alter safety-critical phrasing, remove nuance, and suppress clarifying language, which increases the risk of misleading or overly terse answers in sensitive contexts.

Natural-Language Policy Violations

High

Confidence: 97% confidence
Finding: The skill enforces a global language policy ('Apply to every response. This not optional.') without user opt-in, overriding normal communication behavior across all topics. Because it also instructs removal of hedging, articles, and explanatory framing, it can degrade accuracy, suppress uncertainty, and interfere with safe instruction-following in contexts where careful wording matters.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal