Back to skill

Security audit

Strategic Decision

Security checks across malware telemetry and agentic risk

Overview

This is a coherent strategy-advice skill with local decision-history storage that users should know about before using it for confidential plans.

Install if you want a rigorous strategic-decision workflow. Before using it with confidential product, financing, hiring, or market strategy, know that some modes may save summaries under ~/.strategic-decisions and later read that folder for related prior decisions. Review or delete that folder as needed, and choose the office-hours option only if you trust the local office-hours skill it references.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Description-Behavior Mismatch

Medium
Confidence
97% confidence
Finding
The skill instructs the agent to enumerate files in a persistent local directory to discover prior decisions, which goes beyond transient strategic advice and accesses local state not disclosed in the manifest. This creates privacy and scope-expansion risk because routine use of the skill can reveal or depend on historical local artifacts without clear user consent.

Description-Behavior Mismatch

Medium
Confidence
99% confidence
Finding
The skill directs the agent to persist decision summaries to `~/.strategic-decisions`, but the skill metadata only describes strategic advisory behavior and does not warn about local writes. Undisclosed persistence can leak sensitive business strategy, create unexpected retention, and surprise users who did not consent to storing artifacts on disk.

Context-Inappropriate Capability

Medium
Confidence
96% confidence
Finding
The skill instructs the agent to load and follow another skill file from a fixed local path, effectively chaining execution into external instructions. This expands the trusted instruction surface and can be abused if the referenced file is modified, unexpected, or more privileged than the current skill's stated purpose.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The skill description fails to disclose that it writes persistent decision files to disk, despite detailed instructions later requiring local storage. Omitted disclosure undermines informed consent and increases the risk that sensitive strategic information is retained or exposed contrary to user expectations.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.