Back to skill

Security audit

Prometheus Fire

Security checks across malware telemetry and agentic risk

Overview

This is a conversational self-reflection skill that may ask personal questions, but its artifacts show no code, tool access, network access, or file operations.

Install this only if you want a guided self-reflection prompt system. Use explicit /prometheus invocations, and avoid entering highly sensitive medical, legal, financial, credential, or confidential workplace information unless you are comfortable keeping it in the chat context.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence
89% confidence
Finding
The trigger set includes broad natural-language phrases such as '数字分身', '六个面相', '蒸馏自己', and '和自己对话' that could plausibly appear in ordinary conversation. This can cause unintended skill activation, unexpectedly steering the agent into the persona workflow and eliciting sensitive self-reflection content the user did not mean to provide under this skill.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The example uses ordinary natural-language user input to activate a mode without clearly constraining invocation syntax or scope. In a conversational agent, ambiguous triggers can cause unintended mode activation, leading the system to apply specialized behavior when the user did not explicitly request it.

Vague Triggers

Medium
Confidence
92% confidence
Finding
Several examples show the skill responding to generic problem statements as if they are direct mode invocations, but the document does not define boundaries for when these behaviors should activate. This increases the risk of unintended persona prompting, unexpected behavioral shifts, or overcollection of sensitive user context during routine conversation.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The monthly reflection example implies persistent tracking of invocation frequency and retention of user judgments or 'new materials' without any disclosure about storage, retention, consent, or visibility. Because this skill is designed to elicit introspective and potentially sensitive personal or professional information, undocumented logging materially increases privacy and data-handling risk.

VirusTotal

49/49 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.