Back to skill

Security audit

food balance health checker

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only food balance helper that uses bundled nutrition references and does not request credentials, persistence, code execution, or broad data access.

Install only if you want lightweight nutrition feedback based mainly on Hong Kong and Japanese/Asian reference guidance. Treat its advice as approximate and non-medical, avoid sharing sensitive health details unless you trust your agent’s privacy handling, and consult a qualified clinician or dietitian for health conditions, restrictive eating concerns, pregnancy, sports nutrition, or personalized diet plans.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
89% confidence
Finding
The trigger criteria are broad enough to activate on many ordinary food mentions, including casual statements like 'just had pizza and coke', with only a vague requirement that the user 'seems to want feedback'. In an agent setting, this can cause over-triggering, unnecessary health/nutrition advice, and misclassification of conversational intent, especially where the user did not explicitly request dietary evaluation.

Natural-Language Policy Violations

Medium
Confidence
81% confidence
Finding
The skill restricts itself to 'Asian population or people living in Asia mainly' and anchors advice to Japan/Hong Kong reference guides without requiring confirmation that those standards fit the user. This can produce mismatched nutritional guidance for users from other populations, ages, or dietary contexts, leading to misleading health advice and unequal treatment without informed user choice.

VirusTotal

61/61 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.