Security audit

Deep Thinking

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only architecture-advice skill with broad activation wording but no evident code execution, persistence, credential use, or data exfiltration.

Install this if you want architecture and code-design review help. Expect it to activate broadly on system design, refactoring, scaling, and resilience topics; review or disable it if you prefer narrower skill routing. I found no artifact-backed evidence of credential use, network calls, persistence, or automatic code execution.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Severity: Medium
Confidence: 91%
Finding
The skill description says it should 'automatically apply' for broad categories like multi-step problems, ambiguity, debugging, and any request to think deeply. These triggers are subjective and expansive, which can cause the skill to activate in many contexts where it was not explicitly requested, increasing prompt-surface area and making behavior less predictable.

Vague Triggers

Severity: Medium
Confidence: 94%
Finding
The 'When to Apply' section relies on subjective conditions such as 'meaningful trade-offs,' 'stakes are high,' and 'touches multiple systems or files' without firm boundaries. In skill-routing systems, this ambiguity can lead to unintended invocation, inconsistent behavior, and unnecessary exposure to instruction conflicts or hidden prompt influence.

Natural-Language Policy Violations

Severity: High
Confidence: 98%
Finding
This guidance explicitly instructs the model to generate 'inner monologue' style reasoning and example phrases that simulate private deliberation. That conflicts with policies that prohibit exposing chain-of-thought/internal reasoning, and in practice can cause the agent to reveal sensitive intermediate reasoning, policy deliberations, or hidden decision processes to users.

VirusTotal

65/65 vendors flagged this skill as clean.
Static analysis

No suspicious patterns detected.