Percept Ambient

Security checks across malware telemetry and agentic risk

Overview

This skill openly provides always-on local conversation memory, but that means it can continuously capture, store, search, and re-surface sensitive speech from users and bystanders.

Install only if you explicitly want an always-on local speech-memory tool. Before enabling it, confirm microphone indicators, bystander consent, retention defaults, deletion/export controls, whether embeddings leave the machine, and whether the localhost dashboard/API is protected and bound only to trusted local access.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (4)

Missing User Warnings

High

Confidence: 95% confidence
Finding: The skill explicitly promotes always-on ambient capture of conversations but does not present a clear, prominent warning about consent, bystander privacy, or legal/compliance implications. Because it is designed to passively ingest speech over time, the omission materially increases the risk of covert collection of sensitive personal, corporate, or regulated information.

Vague Triggers

Medium

Confidence: 90% confidence
Finding: The described invocation scope is broadly framed as a background capability for continuous context awareness, rather than a narrowly scoped, user-triggered action. This makes over-collection likely and increases the chance the agent will process unrelated or sensitive conversations beyond what is necessary for a specific task.

Ssd 3

Medium

Confidence: 92% confidence
Finding: The skill is built to passively learn from ambient speech and later answer questions about people or projects based on overheard context. That creates a direct mechanism for natural-language disclosure of private information, including data never intentionally provided to the agent for a specific purpose.

Ssd 3

High

Confidence: 97% confidence
Finding: Continuously capturing conversations, summarizing them, extracting entities, and assembling context packets creates a durable pipeline for storing and re-exposing sensitive user and third-party information. The structured retrieval layer makes disclosure easier, more scalable, and more likely than raw logs because it intentionally organizes private data for later use.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal