Security audit

Jobs Product Philosopher

Security checks across malware telemetry and agentic risk

Overview

This is a text-only product-philosophy advisory skill with minor labeling and scope-quality issues, but no executable behavior or hidden access.

Install only if you want a Chinese-language product-strategy reference inspired by Steve Jobs. Treat the macro/investment snippets as general context, not professional financial advice, and be aware that the displayed Identity slug should be cleaned up by the publisher for consistency.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (3)

Intent-Code Divergence

Low

Confidence: 93% confidence
Finding: The skill declares different slugs in the manifest and Identity section, which creates an integrity and routing mismatch. This can cause the wrong skill to be invoked, mislead reviewers about what is being deployed, or enable accidental policy bypass if downstream systems trust one identifier while users see another.

Description-Behavior Mismatch

Medium

Confidence: 96% confidence
Finding: The content drifts from product philosophy into investment and macro-financial analysis, expanding the skill beyond its declared purpose. Scope drift is dangerous because it can cause unauthorized or unexpected advice generation in higher-risk domains, especially where the skill claims advisory-only educational use but still provides finance-adjacent framing.

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The activation examples are broad enough to match ordinary product-discussion prompts, increasing the chance of unintended invocation. Over-broad triggering can inject this skill's opinions or workflow into unrelated conversations without explicit user intent, which is a prompt-scope and least-surprise failure.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.