Chat

Security checks across malware telemetry and agentic risk

Overview

This skill locally remembers explicit chat-style preferences and does not show hidden execution, networking, credential use, or exfiltration.

Install only if you are comfortable with explicit style corrections being saved locally under ~/chat and reused later. Review ~/chat/memory.md periodically and use the documented forget behavior for unwanted entries; avoid confirming personal or sensitive information as a preference.

SkillSpector

By NVIDIA

Vulnerability Patterns

Rogue AgentSelf-Modification, Session Persistence
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Missing User Warnings

Medium

Confidence: 89% confidence
Finding: This markdown file states that the skill will create `~/chat` on first use and store confirmed preferences in persistent files. Although the scope says it will not store sensitive personal information, it does not clearly warn the user that their interaction preferences will be written to disk and persist across sessions, which is a privacy-relevant behavior for a markdown skill description.

Self-Modification

High

Category: Rogue Agent
Content: slug: chat version: 1.1.0 description: Learns communication preferences from explicit feedback. Adapts tone, format, and style. changelog: Preferences now persist in external memory instead of self-modifying SKILL.md metadata: {"clawdbot":{"emoji":"💬","requires":{"bins":[]},"os":["linux","darwin","win32"]}} ---
Confidence: 90% confidence
Finding: self-modify

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal