
Security audit

Astrology Foreteller

Security checks across malware telemetry and agentic risk

Overview

This astrology and tarot skill is purpose-aligned: the audit found no credential access, data exfiltration, persistence, or destructive behavior. Its readings should nonetheless be treated as entertainment only.

Install it only if you want an entertainment astrology/tarot skill. Be aware that its broad trigger words may invoke it unexpectedly in unrelated conversations, that tarot draws may sometimes fail because the card database is incomplete, and that any relationship, health, finance, or decision guidance it produces is reflective entertainment rather than professional advice.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Intent-Code Divergence
Severity: Medium
Confidence: 88%

Finding: The code comments acknowledge a simplified placeholder database, but draw_tarot_card() randomly selects minor-arcana suits, including wands, swords, and pentacles, that are absent from TAROT_DATABASE['minor']. A draw that lands on a missing suit raises a KeyError and crashes the script, a denial-of-service condition for normal use of the skill.
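The failure mode above, reconstructed as an added example rather than the skill's own code: the shape of TAROT_DATABASE and the draw logic are assumptions modelled on the finding, with only the cups suit populated. draw_tarot_card_vulnerable() picks any suit and raises KeyError when that suit is missing; draw_tarot_card_safe() builds its deck from the cards that actually exist, and validate_database() is the startup check that would have reported the gap before the first user draw.

```python
import random

# Constructed stand-in for the skill's database (assumption: the real
# TAROT_DATABASE has this nested shape; only one minor suit is populated,
# mirroring the incomplete placeholder the finding describes).
TAROT_DATABASE = {
    "major": {0: "The Fool", 1: "The Magician", 2: "The High Priestess"},
    "minor": {
        "cups": {1: "Ace of Cups", 2: "Two of Cups", 3: "Three of Cups"},
        # wands, swords and pentacles are absent
    },
}

# The four suits a full minor arcana should contain.
SUITS = ["wands", "cups", "swords", "pentacles"]


def draw_tarot_card_vulnerable(rng=random):
    """Reconstruction of the flawed behaviour: the suit is chosen from the
    full list, not from the database, so the lookup can raise KeyError."""
    if rng.random() < 0.5:
        number = rng.choice(list(TAROT_DATABASE["major"]))
        return TAROT_DATABASE["major"][number]
    suit = rng.choice(SUITS)
    rank = rng.choice([1, 2, 3])
    return TAROT_DATABASE["minor"][suit][rank]  # KeyError for a missing suit


def draw_tarot_card_safe(db=TAROT_DATABASE, rng=random):
    """Hardened draw: only cards present in the database can be selected."""
    deck = list(db["major"].values())
    for cards in db["minor"].values():
        deck.extend(cards.values())
    if not deck:
        raise ValueError("tarot database is empty")
    return rng.choice(deck)


def validate_database(db=TAROT_DATABASE, required_suits=SUITS):
    """Startup check: list the minor-arcana suits the database lacks."""
    return sorted(s for s in required_suits if s not in db["minor"])


def count_failures(draws, seed=0):
    """How many of `draws` vulnerable draws crash with KeyError (seeded)."""
    rng = random.Random(seed)
    failures = 0
    for _ in range(draws):
        try:
            draw_tarot_card_vulnerable(rng)
        except KeyError:
            failures += 1
    return failures


def safe_draws_ok(draws, seed=0):
    """True if every hardened draw returns a card that exists in the database."""
    rng = random.Random(seed)
    known = set(TAROT_DATABASE["major"].values())
    for cards in TAROT_DATABASE["minor"].values():
        known.update(cards.values())
    return all(draw_tarot_card_safe(rng=rng) in known for _ in range(draws))


if __name__ == "__main__":
    print("missing suits:", validate_database())
    print("crashes in 1000 vulnerable draws:", count_failures(1000))
    print("hardened draw:", draw_tarot_card_safe())
```

With three of four suits missing, roughly three eighths of vulnerable draws crash; the hardened version never does, and the validation check turns a runtime crash into a load-time error that the skill author sees instead of the user.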

Missing User Warnings
Severity: Medium
Confidence: 95%

Finding: The file explicitly offers tarot/divination for health and finance topics, including '健康指导' (health guidance), '投资建议' (investment advice), and '理财规划' (financial planning), without any disclaimer that readings are for entertainment or reflection only. In a user-facing skill this can encourage reliance on non-evidence-based guidance for medical or financial decisions, raising the risk of harm through delayed care or poor financial choices.

Vague Triggers
Severity: Medium
Confidence: 95%

Finding: The trigger list includes generic terms such as "星座" (zodiac sign), "配对" (pairing), "匹配度" (match rate), "塔罗" (tarot), and "占卜" (divination), which are common in ordinary conversation and can activate the skill when the user did not explicitly request this capability. Unintended invocation can hijack unrelated chats, route user input into the wrong skill, and cause confusion or privacy issues if sensitive relationship or personal questions are processed unexpectedly.
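A way to measure the problem above, as an added example that is not part of the audit or the skill: fires_broad() applies the skill's quoted trigger terms as plain substring matches, fires_gated() is a hypothetical stricter policy that also requires an explicit request phrase near the capability, and audit() counts false positives and misses over a few constructed conversation turns (the sample sentences and the request-verb list are assumptions, not from the page).

```python
import re

# Trigger terms quoted in the finding, matched as bare substrings.
BROAD_TRIGGERS = ["星座", "配对", "匹配度", "塔罗", "占卜"]

# Constructed sample turns (assumption): True = the user actually asked
# for astrology/tarot, False = the term appears in an unrelated context.
SAMPLES = {
    "帮我做个塔罗占卜": True,             # "do a tarot reading for me"
    "我想看看星座运势": True,             # "I want to see my horoscope"
    "这个API的匹配度怎么算？": False,     # "how is this API's match rate computed?"
    "他和我配对打游戏": False,            # "he paired up with me for a game"
}


def fires_broad(text):
    """The skill's effective policy: any trigger term anywhere in the text."""
    return any(term in text for term in BROAD_TRIGGERS)


# Hypothetical gated policy: a request phrase within a short window of a
# capability-specific term, so incidental mentions do not invoke the skill.
REQUEST_PHRASES = r"(帮我|请|给我|我想|能不能|可以)"
CAPABILITIES = r"(塔罗|占卜|星座运势|星座配对)"
GATED = re.compile(REQUEST_PHRASES + r".{0,12}" + CAPABILITIES)


def fires_gated(text):
    return GATED.search(text) is not None


def audit(policy, samples=SAMPLES):
    """Return (false_positives, misses) for a trigger policy over samples."""
    false_positives = sum(1 for text, wanted in samples.items()
                          if policy(text) and not wanted)
    misses = sum(1 for text, wanted in samples.items()
                 if wanted and not policy(text))
    return false_positives, misses


if __name__ == "__main__":
    print("broad policy (false positives, misses):", audit(fires_broad))
    print("gated policy (false positives, misses):", audit(fires_gated))
```

Run against a larger sample of real conversation logs, the same harness gives a trigger false-positive rate a reviewer can compare between policies; a policy that keys on a single common noun will always score poorly here.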

VirusTotal

0 of 64 vendors flagged this skill; all 64 reported it clean.