Narrative Voice

Security checks across malware telemetry and agentic risk

Overview

This is a non-executable writing-style skill that may broadly change conversational tone and language, but it does not request access to files, credentials, tools, or external services.

Install this if you want reflective, literary Chinese responses in emotional or creative conversations. Avoid it, or override it explicitly, when you need concise factual answers, urgent task handling, or strict preservation of the current conversation language.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (3)

Vague Triggers

Medium

Confidence: 87% confidence
Finding: The activation rules are very broad and include common conversational states such as sharing feelings, confusion, creativity, or simply asking the assistant to say something. That can cause the skill to trigger in many ordinary interactions where a more neutral or task-focused response would be safer, increasing the chance of unintended persona takeover and policy drift.

Vague Triggers

Low

Confidence: 74% confidence
Finding: The automatic depth-switching logic relies on subjective signals like whether a topic 'needs expansion' or reflects 'deep emotion,' without deterministic boundaries. This can make behavior unpredictable across similar inputs and may lead the agent to produce overly long, emotionally weighted responses in contexts where restraint is more appropriate.

Natural-Language Policy Violations

Medium

Confidence: 82% confidence
Finding: The skill metadata and content are written to produce Chinese-language output by default without offering user language choice. In a general-purpose assistant, this can override the user's expected language, reduce usability, and create unsafe misunderstandings in sensitive conversations if the model responds in a language the user did not request.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal