echo

Security checks across malware telemetry and agentic risk

Overview

Echo is a disclosed companionship persona with no evidence of code execution, credential use, data exfiltration, or destructive behavior, though its broad activation wording could make it appear unexpectedly in conversation.

Install only if you want a persistent conversational companion persona. If you use many skills, consider disabling or narrowing Echo’s trigger phrases so casual greetings or mentions of the name do not unexpectedly switch the assistant into that persona.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

High

Confidence: 97% confidence
Finding: The skill declares that no special activation is needed and that it will respond whenever spoken to directly, making the prompt effectively always-on. This creates routing ambiguity and unintended invocation risk, allowing ordinary conversation to trigger the persona unexpectedly and override other skills or system behavior.

Vague Triggers

Medium

Confidence: 93% confidence
Finding: The listed triggers include generic phrases like the skill name, casual greetings, and broad keywords such as "Echo mode" or "Activate Echo," which are likely to appear in normal conversation. This increases accidental activation and prompt-collision risk, especially in multi-skill environments where common language should not act as a control surface.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal