Agent

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only agent identity skill with no code, install scripts, credentials, or hidden data movement.

Reasonable to install if you want reusable guidance for an agent's personality, voice, boundaries, and adaptation style. Before using it with persistent memory or powerful tools, define what the agent may do autonomously and make sure remembered preferences can be viewed, corrected, or reset.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: This guidance explicitly promotes remembering core communication preferences, relationship history, trust level, and inferred patterns over time, but it provides no constraints on consent, minimization, retention, or transparency. In an agent skill focused on identity and long-term adaptation, that omission can normalize covert profiling and persistence of user data beyond what the user reasonably expects, increasing privacy and misuse risk.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal