Cb User Persona Builder Publish

Security checks across malware telemetry and agentic risk

Overview

This is a text-only persona-building guide that does not request code execution, credentials, or external access.

This skill appears safe to install as a guidance-only persona framework. Treat any personas it helps generate as assumptions to validate with real research, and avoid entering confidential customer or business data unless you are comfortable using it in the conversation.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Natural-Language Policy Violations

Low

Confidence: 95% confidence
Finding: The manifest sets "language": "en", which indicates the skill is constrained to English. Under the policy rules, forcing a specific language without offering user choice or documenting a justified locale constraint is a natural-language policy violation.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal