Back to skill

Security audit

Deep Loop Thinker

Security checks across malware telemetry and agentic risk

Overview

This is mostly a local reasoning helper, but it tells the agent to record user identity/context and future needs after each use without consent, storage, or deletion limits.

Review before installing. Use only if you are comfortable controlling or disabling the feedback-recording behavior, and avoid storing personal, business, emotional, financial, or strategic details unless the user has clearly opted in and there is a defined place, retention period, and deletion method.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (7)

Context-Inappropriate Capability

Medium
Confidence
95% confidence
Finding
The skill instructs operators to record user identity descriptors, feedback, and future needs even though the skill’s stated purpose is multi-round reasoning rather than user management or analytics. This creates unnecessary collection and retention of potentially sensitive user-provided information, increasing privacy and misuse risk without a clear functional justification.

Context-Inappropriate Capability

Medium
Confidence
92% confidence
Finding
Labeling the update as a 'user tracking mechanism' is especially concerning in a reasoning skill because persistent tracking is unrelated to the core function of helping think through problems. In this context, the mismatch makes the behavior more dangerous because users may disclose sensitive decision, emotional, or business information while being silently normalized into a tracking workflow.

Description-Behavior Mismatch

Low
Confidence
83% confidence
Finding
The instruction to record user feedback for future iteration extends the skill beyond reasoning assistance into data collection. While less severe than explicit identity tracking, it still encourages retaining user inputs without defining boundaries, which can capture sensitive content from complex personal or strategic discussions.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill directs collection of user identity descriptions and feedback details without any privacy notice, consent flow, purpose limitation, or retention policy. Because this skill targets emotionally significant and high-stakes decisions, the recorded information may include sensitive personal, professional, or strategic data, making the omission more dangerous in context.

Ssd 3

Medium
Confidence
97% confidence
Finding
The instruction to record user feedback and user details creates a clear natural-language data retention risk because it encourages storing information that may contain personal or sensitive context. In a deep-thinking skill designed for important decisions, retained notes can easily include health, financial, emotional, or business-sensitive material.

Ssd 3

Medium
Confidence
94% confidence
Finding
A general directive to track users for iteration normalizes ongoing retention across sessions without any governance. This increases the chance of building longitudinal profiles from repeated high-sensitivity conversations, which is disproportionate to the skill’s reasoning purpose.

Ssd 3

Medium
Confidence
84% confidence
Finding
Even a general instruction to record feedback for iteration can encourage storing raw user prompts or summaries, which may contain sensitive information disclosed during complex reasoning sessions. The danger is amplified by the skill’s focus on long-term decisions, emotional states, and recurring problems, all of which invite intimate or confidential disclosures.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.