Serpico

Security checks across malware telemetry and agentic risk

Overview

This appears to be a low-risk informational skill with minor routing and language-default issues, not evidence of unsafe behavior.

Before installing, expect a narrow informational skill about Serpico and police-corruption history. Be aware it may activate on broad words like whistleblower or corruption even when you are not specifically asking about Serpico.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium (93% confidence)
Finding
The trigger list includes broad, common terms such as "whistleblower," "integrity," "corruption," and "NYPD," which can match many unrelated user requests and cause the skill to activate unexpectedly. This is dangerous because it can hijack routing, inject off-topic content, or override a more appropriate skill when users are discussing adjacent topics rather than Serpico specifically.

Natural-Language Policy Violations

Low (81% confidence)
Finding
Defaulting to English when the user's language is ambiguous can cause the system to respond in a language the user did not request, which may degrade consent, usability, and accessibility. While not a classic security flaw, it can lead to unintended behavior and weakens predictable user control over skill output.

VirusTotal

63/63 vendors flagged this skill as clean.
