PsyVector pv52

Security checks across malware telemetry and agentic risk

Overview

This is a Chinese crisis-consultant persona skill, but it asks the agent to use tools and retrieve unspecified internal data without clear permission boundaries.

Install only if you want a Chinese crisis-consulting persona. Use it with tool access limited: require explicit approval before web searches, do not provide confidential incident details to search tools, and restrict or disable internal data connectors unless you have defined exactly what the agent may read.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 92% confidence
Finding: The trigger words are broad, common crisis-related Chinese terms such as '风险', '紧急', and '出问题', which are likely to appear in ordinary conversations outside the intended role-play context. This can cause unintended activation of the skill, forcing a persona and workflow shift when the user may only be mentioning a general concern, reducing reliability and potentially distorting downstream guidance.

Natural-Language Policy Violations

Medium

Confidence: 84% confidence
Finding: The skill is written to respond directly in a Chinese persona without offering user language selection or clarifying locale constraints. In multilingual or mixed-language environments, this can cause misunderstanding of crisis advice, improper execution of urgent steps, or exclusion of users who cannot accurately interpret the output.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal