Depression Support

Security checks across malware telemetry and agentic risk

Overview

This appears to be a local depression-support skill, with one minor activation-scope concern but no evidence of hidden access, exfiltration, or unsafe automation.

Before installing, treat this as self-help support rather than medical care. Be aware that a broad phrase like "mental health check" may invoke depression-focused guidance, and use emergency or professional resources for crisis, self-harm, or severe symptoms.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 91% confidence
Finding: The trigger phrase "mental health check" is broad enough that the skill may activate in contexts where a user is seeking general mental-health support rather than specifically wanting this depression-focused workflow. In a mental-health setting, unintended activation is more sensitive than usual because it can surface condition-specific guidance to vulnerable users who may need different support or crisis routing.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal