Academy

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed academy-operations playbook that stores scoped local notes and does not install code, request credentials, or contact services by default.

Install this if you want local help running an academy. Keep ~/academy/ limited to operational summaries and avoid adding identifiable student dossiers, card details, passwords, health information, or other highly sensitive records.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Missing User Warnings

Medium
Confidence: 93%
Finding
The template explicitly directs the agent to create and maintain a persistent file under `~/academy/memory.md`, which introduces local data retention without any notice, consent, or minimization guardrails. In this skill context, the stored fields include sensitive operational and potentially student-related information, so silent persistence increases privacy, compliance, and unintended disclosure risk.

Vague Triggers

Medium
Confidence: 90%
Finding
The activation guidance is intentionally broad, instructing the agent to activate on common terms like classes, students, teachers, cohorts, enrollments, or academy operations. This can cause the skill to trigger in conversations where the user did not intend academy-specific assistance, increasing the chance of irrelevant intervention, over-collection of business context, or persistence of behavior across sessions if later combined with memory features.

VirusTotal

66/66 vendors flagged this skill as clean.
