Don't Starve Guide

Security checks across malware telemetry and agentic risk

Overview

This is a game guide skill that transparently uses a small local profile to remember Don't Starve gameplay facts.

Install only if you are comfortable with the skill keeping a local Don't Starve profile. Use DONTSTARVE_MEMORY_DIR to choose where it is stored, review or delete survivor-profile.json if you do not want memory retained, and avoid adding personal or account information to gameplay notes.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The skill directs the agent to read and then update a persistent survivor profile in a local config directory, but it does not present a clear user-facing warning or consent step before storing data. Even if the intended fields are limited, persistent storage can accumulate behavioral preferences and gameplay history, and the instructions encourage automatic updates after answering, which increases privacy risk.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal