Security audit

Sleep Wind Down Coach

Security checks across malware telemetry and agentic risk

Overview

This sleep-coaching skill is mostly local and coherent, but its examples cross its own health-safety boundary by prompting diagnosis and suggesting melatonin.

Review before installing. The code behavior is low-risk and local, but the skill should be revised to remove diagnostic language and medication or supplement suggestions. Users with persistent insomnia symptoms, medication questions, or health conditions should consult a qualified healthcare professional rather than rely on this skill.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Intent-Code Divergence

Medium

Confidence: 95% confidence
Finding: The skill claims it is not diagnosis or treatment, but the usage scenario explicitly asks it to 'Diagnose' persistent sleep difficulty. That contradiction can cause the agent to provide quasi-medical assessment beyond the stated safety boundary, increasing the risk of misleading health guidance or delayed professional care.

Intent-Code Divergence

Medium

Confidence: 97% confidence
Finding: The expected output recommends melatonin use even though the safety section forbids medication advice. Presenting supplement or medication suggestions in a sleep skill can lead to inappropriate self-treatment, unsafe use, or conflicts with existing conditions or medications.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal