Back to skill

Security audit

Session Content Classification Assistant

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only chat organizer whose main risk is that it can resurface sensitive text already present in the current conversation.

Use this only when you want the current chat reorganized into Markdown. Review the generated document before sharing it, because it may include sensitive details and timestamps from the conversation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill is explicitly designed to traverse all current session content and reorganize it, but it provides no warning, consent step, or data-minimization guidance before replaying that material. In a chat environment, this can surface sensitive or previously buried content, increasing the risk of unintended disclosure to the user, bystanders, logs, or downstream systems.

Ssd 3

Medium
Confidence
95% confidence
Finding
The instruction to traverse all content in the current session and preserve original meaning creates a direct mechanism for broad reproduction of potentially sensitive chat history. This is more dangerous in context because the skill’s core purpose is aggregation and re-display, which can concentrate dispersed secrets, personal data, or confidential business information into one easy-to-exfiltrate document.

Ssd 3

Medium
Confidence
94% confidence
Finding
Keyword filtering can be used to intentionally mine a session for sensitive terms such as passwords, tokens, legal matters, medical details, or financial information and then aggregate all matching fragments. The bilingual fuzzy-matching support increases coverage and makes extraction more effective, which raises the chance of exposing sensitive content that was not meant to be resurfaced together.

Ssd 3

Medium
Confidence
96% confidence
Finding
The requirement to never modify original content and to attach precise timestamps encourages verbatim replay of session material with metadata that can increase sensitivity, such as revealing when specific statements were made. Exact timestamps and unchanged text can materially aid correlation, auditing, or misuse of exposed content, making disclosure more harmful than a high-level summary would be.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.