Security audit

Personal Board of Directors

Security checks across malware telemetry and agentic risk

Overview

This is a local YAML-to-prompt personality utility with disclosed board/personality features and no evidence of hidden network, credential, destructive, or automatic behavior.

Review and narrow the board engagement rules before compiling them into an agent, especially for sensitive domains. Use locked dependency versions in production, and do not use the personality-role mappings for hiring, compliance authority, or other consequential human decisions.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration

Findings (3)

Tp4

High

Category: MCP Tool Poisoning
Confidence: 87% confidence
Finding: The advertised scope is a narrow historical-persona board add-on, but the documented behavior includes broader identity modeling, schema validation, multi-target compilation, file generation, and auxiliary personality conversion utilities. This mismatch can cause users or automated policy systems to grant trust or install the skill under false assumptions, increasing the risk of unintended file writes, broader prompt manipulation, or use outside the user's expected threat model.

Natural-Language Policy Violations

Medium

Confidence: 91% confidence
Finding: The `JUNGIAN_ROLE_RECOMMENDATIONS` table hard-codes personality-type recommendations for job functions such as legal compliance, sales, counseling, and engineering. While not an exploit in the traditional code-execution sense, this is a real sociotechnical vulnerability: downstream agents or applications may use these mappings to steer hiring, assignment, or authority decisions based on personality stereotypes, creating biased or discriminatory behavior that appears system-endorsed.

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The engagement rule "Convene on user queries" is overly broad because it appears to activate the full historical advisory board for essentially any request, regardless of relevance, user intent, or safety context. In a skill designed to roleplay multiple strong strategic personas—including militaristic and manipulative lenses—this broad trigger can increase prompt-surface area, cause unintended persona injection into unrelated tasks, and make it easier for unsafe or out-of-scope advice to be generated.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal