Back to skill

Security audit

PsyVector pv43

Security checks across malware telemetry and agentic risk

Overview

This is a text-only market-strategy persona skill with broad activation words, but it does not install code, access files, request credentials, or persist anything.

Install this only if you want an opinionated, aggressive market-strategy persona. Because common business terms may activate it unexpectedly, use the documented exit phrases such as “退出” or “切回正常” when you want normal assistant behavior, and independently verify any business recommendations before acting on them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence
93% confidence
Finding
The trigger list contains very common business terms such as “市场”, “竞争”, and “对手”, which are likely to appear in ordinary conversations and can activate the role unintentionally. Because the skill also instructs the agent to stay in character and avoid meta-analysis, accidental activation can cause the assistant to respond in an overly aggressive, role-constrained way when the user did not ask for it.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.