Failure Memory

Security checks across malware telemetry and agentic risk

Overview

This skill appears to locally record agent failures for future learning, with no evidence of network access, credential use, command execution, or hidden behavior.

Install only if you want the agent to keep local notes about mistakes and corrections. Periodically inspect or clear `.learnings/` if the agent starts applying incorrect lessons or recording normal conversation as failures.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 78% confidence
Finding: The trigger phrase is a short natural-language condition ('failure occurred' / '失敗発生') rather than a narrowly scoped command or machine-checkable event. In agentic systems, underspecified activation can cause accidental invocation on routine discussion of failures, leading to noisy writes into `.learnings/` and unintended workflow side effects.

Vague Triggers

Medium

Confidence: 86% confidence
Finding: The detection patterns include common phrases like 'Actually...' and 'I meant...' that frequently appear in normal user clarification, not just error correction. This can make the agent auto-record observations from ordinary conversation, poisoning the memory store and potentially promoting incorrect constraints over time.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal