Li Shanyou (李善友) · Thinking Framework

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only persona skill that does not request device access, credentials, commands, or background behavior.

Safe to install from a security standpoint. Use it as a simulated perspective based on public material, exit the persona when needed, and verify important business advice independently.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium (94% confidence)
Finding
The trigger rules are unusually broad and include common conversational phrases like asking to think from someone's angle or to switch perspective. That can cause unintended activation of the persona when the user did not clearly consent, increasing the chance of misleading outputs, tone hijacking, or inappropriate use in unrelated contexts.

Natural-Language Policy Violations

Medium (91% confidence)
Finding
The skill instructs the agent to respond directly in the target person's identity and suppress meta-analysis except on explicit exit. This removes user choice over language/style and can mislead users into treating generated content as authentic or endorsed by the real person, especially because the disclaimer is limited to the first activation only.

VirusTotal

63/63 vendors flagged this skill as clean.
