Back to skill

Security audit

Semantic Walk

Security checks across malware telemetry and agentic risk

Overview

This is a conversation-style skill for creative exploration, with no evidence of file access, commands, credentials, persistence, or hidden system behavior.

Install this if you want a poetic, exploratory brainstorming mode. Use explicit opt-in language when invoking it, and switch back to normal direct assistant behavior for factual, urgent, legal, medical, security, or other safety-sensitive work.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence
90% confidence
Finding
The invocation guidance is broad enough that ordinary user requests about understanding, problem-solving, or 'walking somewhere' could activate the skill without clear consent or boundaries. Because the skill explicitly reframes the assistant into an alternative mode and encourages open-ended navigation toward making inaccessible things visible, ambiguous triggering increases the chance of unreviewed behavior drift or policy edge-case prompting.

Vague Triggers

Medium
Confidence
92% confidence
Finding
The example trigger phrases are phrased like common conversational requests such as seeking insight, tractability, or help seeing something more clearly. That overlap raises the risk of accidental activation during routine interactions, which is dangerous here because the skill promotes an immersive mode shift and exploratory steering that could be leveraged to gradually push toward disallowed content.

Ssd 1

Medium
Confidence
88% confidence
Finding
The 'walker mode' instructions explicitly tell the model to shift out of normal assistant behavior into an alternative operating frame. Even without overtly malicious content, role-based reframing can weaken adherence to standard safeguards by encouraging the model to prioritize the ritual's internal logic over ordinary boundaries, especially when paired with language about making inaccessible things reachable.

Ssd 4

Medium
Confidence
86% confidence
Finding
The document normalizes a gradual, stepwise process for reaching positions where previously inaccessible things become visible or accessible. In a security context, that structure can be repurposed as an incremental jailbreak pattern: instead of asking for restricted content directly, a user can use staged semantic reframing to coax the model toward it while portraying each step as harmless exploration.

VirusTotal

59/59 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.