Destiny Weaver

Security checks across malware telemetry and agentic risk

Overview

This is a coherent text-based life-simulation game skill that saves game/story files and can generate images, with no evidence of credential theft, command execution, exfiltration, or deception.

Install only if you are comfortable with the skill creating and retaining local game saves, story archives, legacy character data, and generated images. Avoid putting real personal secrets into character names or story content, and use clearer game-prefixed commands if accidental activation would be disruptive.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (10)

Vague Triggers

Medium
Confidence
93% confidence
Finding
The trigger phrases “翻开命簿” and especially “开始新游戏” are generic enough that they could be invoked during ordinary conversation rather than as deliberate skill activation. In a conversational agent, broad activation phrasing can cause unintended mode switches, accidental state resets, or execution of game logic when the user was discussing the concept rather than issuing a command.

Vague Triggers

Medium
Confidence
91% confidence
Finding
Aliases like “开始”, “继续”, “状态”, and similar short natural-language commands are highly ambiguous in normal chat and can overlap with unrelated user intent. This increases the risk of accidental command execution, especially in multi-skill or freeform assistant contexts where short commands may be interpreted operationally instead of conversationally.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The README advertises save/load and persistent story generation behavior without warning users that their inputs, character names, story content, and generated artifacts may be written to disk. In practice, this can lead to unexpected retention of sensitive or personal data and creates privacy and consent risks if users do not realize the game persists content beyond the session.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The “导出小说” command explicitly creates files but the documentation does not warn the user before file creation or explain destination, naming, or persistence behavior. Unannounced export operations can surprise users, leak sensitive story content to local storage, and create unsafe assumptions about ephemeral interaction.

Vague Triggers

Medium
Confidence
94% confidence
Finding
The documented trigger phrases are very generic (for example, "Continue", "Status", and "Start"), which increases the chance that normal user conversation unintentionally activates the skill. In a chat environment with multiple skills or routing based on loose phrase matching, this can cause unwanted game state changes, unexpected content generation, or accidental access to saved game context.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The trigger list includes broad generic phrases such as '人生模拟', '回合制', '文字冒险', and '角色扮演', which are likely to appear in normal conversation unrelated to this specific skill. That can cause unintended invocation, leading the agent to enter this skill and begin reading/writing game state or generating content without clear user intent.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill explicitly defines persistent storage under 'stories/[剧本名]/' with files like 'novel.md', 'data.json', 'legacy.json', and generated images, but the user-facing description and workflow do not clearly warn that data will be written and retained. This creates a privacy and consent risk because users may provide sensitive story inputs or roleplay content without realizing it will be persisted across sessions.

Vague Triggers

Medium
Confidence
91% confidence
Finding
The manual trigger phrase "画一张[描述]" is extremely broad and can be invoked by ordinary conversational text rather than a clearly delimited command. In a roleplay/game skill that continuously interprets free-form player input, this increases the chance of unintended image-generation actions, prompt injection into downstream image tools, or unnecessary resource consumption.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The phrase "我想看看[某人/某地]" is ambiguous and naturally overlaps with normal gameplay conversation, especially in a story-driven simulation where players often ask to see characters or locations. If used as a trigger, the system may perform unintended image generation or state transitions based on casual dialogue, creating reliability and abuse risks.

Vague Triggers

Medium
Confidence
87% confidence
Finding
The choice-event trigger treats essentially any user statement of intent ('我想去...', '我想学...', '我想找...', and any other action) as a game action to parse and execute within the simulation. This overbroad matching can cause prompt/intent hijacking, where ordinary user text, meta-instructions, or out-of-game requests are incorrectly consumed as in-game actions, reducing boundary enforcement between gameplay and system control.

VirusTotal

66/66 vendors flagged this skill as clean.
