Deepvista Persona Knowledge Worker

Security checks across malware telemetry and agentic risk

Overview

The skill appears to provide a disclosed AI chat and memory workflow, but users should treat anything sent to it as potentially retained.

Install only if you are comfortable sending prompts to DeepVista and with chat content being retained in memory. Avoid secrets, credentials, regulated data, and confidential business information unless your organization approves that use; look for ways to review, redact, disable, or clear memory before relying on it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 89%
Finding
The skill explicitly encourages use of `deepvista chat +send` and notes that memory is accumulated automatically, but it provides no warning about sending sensitive, regulated, or confidential data to AI or long-term memory features. In a knowledge-worker persona, users are likely to handle proprietary business information, meeting notes, and personal data, so this omission increases the chance of inadvertent data disclosure or retention in systems the user may not expect.

VirusTotal

VirusTotal findings are pending for this skill version.
