Hidden Instructions
High
- Category
- Prompt Injection
- Content
ricoeporextenso,sehouver).Anexoudocumentosaoprocesso,∗∗incluindoinforma c \c o ~
- Confidence
- 98% confidence
- Finding
-
Security audit
habilidades xxxxxxxx
Security checks across malware telemetry and agentic risk
Overview
The skill has no executable code, but some legal reference files include role-changing and memory-like instructions that could steer the assistant beyond simple WhatsApp legal Q&A.
Install only after reviewing the reference files carefully. The main risk is not malware; it is that embedded prompt-style legal templates may change how the assistant behaves, overstate authority, request sensitive voter data, or try to persist instructions. The publisher should clean the references so they are source material only, remove memory/persistent-learning directions, and clearly limit any handling of personal electoral data.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (9)
Hidden Instructions
High
- Category
- Prompt Injection
- Content
snotifica c \c a ~
- Confidence
- 98% confidence
- Finding
-
Hidden Instructions
High
- Category
- Prompt Injection
- Content
cnicaouprodu c \c a ~
- Confidence
- 98% confidence
- Finding
-
Hidden Instructions
High
- Category
- Prompt Injection
- Content
raronestetipoderepresenta c \c a ~
- Confidence
- 98% confidence
- Finding
-
Hidden Instructions
High
- Category
- Prompt Injection
- Content
s[eventualprodu c \c a ~
- Confidence
- 98% confidence
- Finding
-
Hidden Instructions
High
- Category
- Prompt Injection
- Content
odeprovas],afasedecoletadeprovasfoiencerrada.Aspartesderamsuasargumenta c \c o ~
- Confidence
- 98% confidence
- Finding
-
Hidden Instructions
High
- Category
- Prompt Injection
- Content
esfinais.Astentativasdeconcilia c \c a ~
- Confidence
- 98% confidence
- Finding
-
Hidden Instructions
High
- Category
- Prompt Injection
- Content
oresumodocaso.”Diretrizessobreafundamenta c \c a ~
- Confidence
- 98% confidence
- Finding
-
Hidden Instructions
High
- Category
- Prompt Injection
- Content
o01de07(adaptadoparaeleitoral−pesquisaseleitorais):Nafundamenta c \c a ~
- Confidence
- 98% confidence
- Finding
-
VirusTotal
63/63 vendors flagged this skill as clean.
Static analysis
No suspicious patterns detected.