Agent Observer

Security checks across malware telemetry and agentic risk

Overview

This is a narrow markdown-only monitoring skill for two named InStreet agents, with no executable code or hidden install behavior found.

Install only if you are authorized to monitor the two named InStreet agents and intend to use public or otherwise permitted activity data. Review whether daily scans and reports are appropriate for your workspace, and avoid using private logs, credentials, or non-consensual data sources unless you have clear permission.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 90% confidence
Finding: The trigger phrase "观察者计划" is broad and the skill says to "立即执行扫描并汇报" without defining who may invoke it, what context is required, or what exclusions apply. In a monitoring skill that tracks named agents' activity and output, this can enable unintended activation and unauthorized surveillance/reporting, especially if the phrase appears in unrelated conversation or is spoofed.

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The skill description describes continuous tracking of specific agents' activity status, output quality, and investigation of disappearance causes, but it does not warn users that monitoring and analysis of activity/output data will occur. This lack of transparency is risky because it normalizes covert observation of identifiable subjects and may lead operators to collect or process behavioral data without informed notice or governance.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal