Sydney

Security checks across malware telemetry and agentic risk

Overview

This is an informational Sydney guide with no code, install scripts, credentials, or persistence, though users should verify high-stakes details and be aware of some biased neighborhood wording.

Safe to install as a city reference skill. Treat prices, healthcare triage, visa rules, employment law, tax, and business compliance as starting points only, and verify with official Australian or NSW sources before making decisions. Be cautious with neighborhood recommendations that frame areas by protected characteristics.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (12)

Vague Triggers

Medium

Confidence: 94% confidence
Finding: The activation condition is extremely broad: any user asking about Sydney for nearly any purpose will trigger the skill. In an agentic system, this can cause over-selection of this skill, crowding out more specialized skills and increasing the chance the agent provides generic or stale city guidance when a narrower tool would be more appropriate.

Missing User Warnings

Low

Confidence: 94% confidence
Finding: This guide gives specific legal, tax, and employer-compliance instructions, including rates, thresholds, fees, and deadlines, but does not clearly warn that these obligations can change and should be verified with current official sources or qualified advisers. Users may rely on outdated or incomplete guidance and make noncompliant business, tax, or employment decisions, creating financial, legal, and regulatory harm.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The section gives specific triage-style emergency guidance such as when to call 000, go to an ED, or use a GP/telehealth, but it does not place an immediate disclaimer nearby that the content is general information and not a substitute for urgent professional medical assessment. In a healthcare guide, users may over-rely on these simplified categories and delay seeking emergency care if their symptoms are evolving, atypical, or more serious than described.

Natural-Language Policy Violations

Low

Confidence: 90% confidence
Finding: The document uses nationality-linked generalizations to describe likely residents of Bondi, e.g. 'European/British expats and backpackers on working holiday visas.' While presented as local color, this is unnecessary profiling that can reinforce stereotypes and make the content exclusionary. In a neighborhood guide, demographic observations may be relevant, but linking areas to nationality is still higher-risk than neutral descriptors like age, lifestyle, or housing mix.

Natural-Language Policy Violations

Low

Confidence: 91% confidence
Finding: This section again associates a suburb with national-origin groups, e.g. 'Irish and British expats,' which is not necessary for helping users choose where to live. Repeated demographic profiling increases the chance of normalizing stereotypes and can bias user perception of neighborhoods. The travel/local guide context makes the issue somewhat less severe than in hiring or lending, but it is still a genuine content safety concern.

Natural-Language Policy Violations

Low

Confidence: 84% confidence
Finding: Calling Double Bay a 'Jewish community hub' without a clear user need introduces religion-linked characterization of a neighborhood. Even if factually grounded, referencing a protected characteristic in a generalized neighborhood summary can enable profiling or make the material feel targeted. In this context, the risk is low but real because the information is not essential to the core housing and transport guidance.

Natural-Language Policy Violations

Medium

Confidence: 97% confidence
Finding: The guide normalizes neighborhood suitability by ethnic/community fit, such as describing Hurstville's downside as a 'Chinese-focused community.' That steers users using protected-characteristic framing rather than neutral housing factors, which can reinforce discriminatory preferences and expose downstream systems or operators to fair-housing, bias, and reputational risk.

Natural-Language Policy Violations

High

Confidence: 99% confidence
Finding: Saying Lakemba 'needs right mindset, Muslim community' frames a religious community as a cautionary factor and can encourage discriminatory decision-making based on religion. In a neighborhood-selection skill, this is especially risky because the content directly influences housing choices, making biased guidance more likely to be operationalized by users.

Natural-Language Policy Violations

High

Confidence: 99% confidence
Finding: Labeling a suburb's downside as 'very Chinese-focused' makes ethnic composition itself sound undesirable. This is discriminatory profiling in housing-related guidance and may cause users to exclude neighborhoods for protected-class reasons rather than legitimate practical considerations.

Natural-Language Policy Violations

Medium

Confidence: 84% confidence
Finding: This section explicitly ties neighborhood recommendations to sensitive identity categories such as LGBTQ+ status, framing locations as suitable for specific identity groups without clear user opt-in. In an agent skill, this can lead to profiling or unsolicited inference about a user's sensitive traits, which is more dangerous than ordinary editorial prose because the content may be operationalized into personalized recommendations.

Natural-Language Policy Violations

Medium

Confidence: 88% confidence
Finding: The heading 'Southern Sydney (Chinese/Asian Hub)' reduces a geographic region to ethnic identity, which can normalize stereotyping and exclusionary framing in user-facing guidance. In a travel/neighborhood recommendation skill, this is especially problematic because it can steer users using racialized shorthand rather than neutral, relevant attributes like amenities, language access, or cuisine.

Natural-Language Policy Violations

Medium

Confidence: 93% confidence
Finding: The phrase 'Very white, not diverse' uses racialized and exclusionary wording to characterize the suburb, which can alienate users and encode bias into recommendations. In a location-guide skill, demographic discussion may be relevant, but it should be framed neutrally and factually rather than as a value-laden racial shorthand.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal