Defusing Anger

Security checks across malware telemetry and agentic risk

Overview

This appears to be a conflict de-escalation skill, but it asks the agent to record sensitive conversations too broadly, so it should be reviewed before use.

Install only if you are comfortable with the agent applying a structured de-escalation protocol and you can ensure it does not persist verbatim conflict details. Prefer editing or constraining the skill so it stores no transcript by default, asks before documenting anything, supports the user's language and context, and escalates or disengages for emergencies, legal/medical/therapy situations, minors, or imminent harm.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Vague Triggers

Medium
Confidence: 84%
Finding
The skill description and usage section are broad enough that an agent could invoke this protocol in many ordinary anger-related interactions without confirming suitability, user consent, or escalation boundaries. In a high-emotion context, over-broad auto-invocation can lead the agent to apply rigid de-escalation scripting where crisis routing, cultural adaptation, or a simpler response would be safer.

Natural-Language Policy Violations

Medium
Confidence: 89%
Finding
The skill hardcodes English scripts and exact wording without checking the user's language, locale, or cultural context. In emotionally charged situations, forced English output can confuse users, worsen misunderstandings, or make the agent sound manipulative or unresponsive to the user's actual communication needs.

Ssd 3

Medium
Confidence: 86%
Finding
The instruction to 'log the three answers internally' directs the agent to retain internal state about a sensitive interaction beyond what is necessary to generate the next response. In de-escalation scenarios, those notes may include safety assessments and emotionally charged user content that increase privacy exposure if stored, surfaced, or reused.

Ssd 3

High
Confidence: 98%
Finding
Instructing the agent to log every response verbatim in real time creates broad collection of sensitive conversational data, including accusations, threats, health disclosures, employment issues, or family conflict details. Verbatim retention materially increases privacy, compliance, and leakage risk because the stored content is far more identifying and damaging than a minimal summary.

Ssd 3

Medium
Confidence: 75%
Finding
The closing step encourages immediate write-back or repetition of the agreed next step and keeping the interaction open until subjective behavioral criteria are met. This can extend retention and repetition of sensitive details without a clear need, and it risks trapping the agent in prolonged monitoring of a user's emotional state.

Ssd 3

High
Confidence: 98%
Finding
Requiring full documentation of the interaction, including exact words and outcomes, is an explicit instruction to retain highly sensitive user disclosures from conflict situations. Because these conversations may contain legal threats, health or self-harm statements, workplace disputes, and family details, broad documentation creates substantial privacy, misuse, and breach impact.

VirusTotal

64/64 vendors flagged this skill as clean.
