Back to skill

Security audit

BTW Coach

Security checks across malware telemetry and agentic risk

Overview

This instruction-only skill provides disclosed English and tone coaching and does not request file access, credentials, network access, persistence, or code execution.

Install this only if you want the assistant to occasionally comment on your English phrasing or tone at the end of normal replies. It appears low risk from a security perspective, but the always-on behavior may feel intrusive in conversations where you did not ask for writing feedback.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
94% confidence
Finding
The trigger is effectively global: it runs on every user message and performs an unsolicited side-task on normal conversation. Even though the appended note is conditional, the skill still monitors all messages for language and tone, which broadens scope unnecessarily and can cause privacy, UX, and policy-boundary issues by injecting coaching into unrelated interactions.

Natural-Language Policy Violations

Medium
Confidence
91% confidence
Finding
The skill is designed to provide English phrasing and tone corrections proactively, without a clear user request or consent. This can create unwanted behavioral steering, expose sensitive user text to unnecessary analysis, and produce inappropriate corrections in contexts where users did not ask for language evaluation.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.