Security audit

Intervention Agent

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only collaboration-memory skill that is transparent about saving preferences and friction patterns, but users should understand the privacy implications before installing.

Install only if you are comfortable with the agent saving summaries of corrections, workflow preferences, and collaboration friction for later reuse. Avoid using it for sensitive work unless you know where that memory is stored and how to inspect, disable, or delete it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Missing User Warnings

Medium
Confidence: 94%
Finding
The README explicitly advertises persistent memory sync and preference learning, but provides no warning or controls around what data is stored, how long it is retained, or whether sensitive user inputs may be persisted. In an AI collaboration tool, this creates a real privacy and security risk because corrections, workflow preferences, and friction logs can easily contain confidential operational data or personal information.

Vague Triggers

Medium
Confidence: 91%
Finding
The skill defines recording scenarios broadly enough that normal collaboration events could be captured and persisted without a clear boundary or explicit user consent. In a memory-enabled assistant, ambiguous triggers increase the chance of over-collection of user behavior, corrections, and workflow details, creating privacy and profiling risk beyond what the user reasonably expects.

Vague Triggers

Medium
Confidence: 93%
Finding
The memory-learning triggers are vague and easily overlap with ordinary phrases like repeated clarification, corrections, or saying '算了' ("forget it"), which can cause the agent to infer and store preferences from routine conversation. This makes unintended persistence likely and can lead to inaccurate or sensitive user profiling that survives beyond the current session.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill presents itself as learning from collaboration and building an error notebook, but it does not clearly warn users that interaction history and preferences may be stored. This undermines informed consent and transparency, especially because the stored data can reveal behavior patterns, mistakes, and work habits.

Missing User Warnings

Medium
Confidence: 94%
Finding
The tool usage section lists memory save/search operations without warning that these tools persist user preference data across interactions. Because the capability is described operationally but not from the user's privacy perspective, users may not realize that conversational details are being stored and later reused.

VirusTotal

66/66 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.