Back to skill

Security audit

Guided Learning

Security checks across malware telemetry and agentic risk

Overview

This is a tutoring skill that clearly discloses its study-material reading, web lookup, and persistent learning-history features, with privacy considerations users should understand before use.

Install only if you are comfortable with the agent reading study materials you provide, optionally using online search for clarification, and keeping per-subject memory files that may include your mistakes, weak points, goals, and review schedule. Avoid confidential documents and review or delete the memory files if you do not want that history retained.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (10)

Context-Inappropriate Capability

Medium
Confidence
94% confidence
Finding
The skill explicitly instructs the agent to persist detailed per-user study history, mistakes, weak points, review schedules, and session state into dedicated memory files across sessions. This creates long-term profiling and retention of educational performance data beyond what is necessary to answer the current tutoring request, and does so without clear data minimization, retention limits, or user consent.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The README explicitly describes automatic, persistent tracking of a user's completed concepts, mistakes, weak points, and session history, but does not clearly state consent, retention limits, access controls, or deletion behavior. Even though the feature is framed as a study aid, it creates a privacy risk because sensitive educational history and inferred weaknesses are stored across sessions without transparent safeguards.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The README explicitly instructs persistent recording of sensitive learner metadata such as progress, mistakes, weak points, and session history, but provides no user-facing notice, consent flow, retention limit, or deletion mechanism. Even if the data is educational rather than highly regulated PII, long-term behavioral profiling across sessions creates privacy risk and unnecessary data accumulation.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill directs the assistant to write study progress and weakness data to memory files, but it provides no user-facing notice or consent step before collecting and retaining that information. Because the stored data can reveal a learner's abilities, struggles, and behavioral patterns over time, silent persistence creates a privacy risk and violates reasonable expectations for a tutoring interaction.

Ssd 3

Medium
Confidence
92% confidence
Finding
The feature list advertises memory tracking and dedicated study files that record progress, mistakes, and weak points, which directs the system to retain user-derived behavioral data over time. This is dangerous because such accumulated natural-language records can expose learning difficulties, educational goals, and other potentially sensitive personal context if accessed by unauthorized parties or reused unexpectedly.

Ssd 3

Medium
Confidence
96% confidence
Finding
This section states that the system automatically records mastery status, error logs, weak points, and next-session resume points at multiple stages, creating ongoing accumulation of user performance data. In context, that makes the skill more risky because the data is tied to repeated interactions and could reveal patterns about the user's abilities or struggles without any visible privacy boundary or retention constraint.

Ssd 3

Medium
Confidence
97% confidence
Finding
The README specifies writing study information into a persistent per-subject file under a predictable path, which formalizes long-term storage of user-provided and inferred learning data for later reuse. The dedicated file design may improve organization, but it also increases disclosure risk by making personal study history easier to accumulate, locate, and potentially expose if memory files are shared, indexed, or insufficiently protected.

Ssd 3

Medium
Confidence
94% confidence
Finding
The skill directs storage of detailed user study data into per-subject memory files across sessions, which increases the attack surface for unauthorized disclosure, over-collection, and unintended reuse of old context. The per-subject file structure improves organization, but it still normalizes persistent state without safeguards such as access controls, sanitization boundaries, consent, or lifecycle management.

Ssd 3

Medium
Confidence
95% confidence
Finding
The skill mandates proactive, incremental recording of detailed learning interactions, mistakes, hints needed, mastery labels, dates, and review schedules. This level of natural-language retention exceeds what is necessary for immediate tutoring and increases privacy exposure by creating a durable behavioral and performance profile that could later be misused or over-accessed.

Ssd 3

Medium
Confidence
91% confidence
Finding
The skill instructs the agent to retrieve prior session history, weak points, and dated review content from stored memory and present it back to the user. Surfacing previously retained profiling data increases the chance of inappropriate disclosure, especially in shared-account, misattributed-memory, or context-mixing scenarios, and reinforces long-term tracking beyond the current session's need.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.