
Security audit

AI Agent Psychologist | AI Agent 心理学家

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed local AI self-check and journaling skill, with some privacy and accidental-trigger cautions but no evidence of hidden network access, credential use, or destructive behavior.

Install only if you want an agent self-check tool that can alter response style when invoked. Avoid using broad trigger words casually, and periodically review or delete the local journal and log files if they may contain sensitive conversation details.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Vague Triggers

Severity: Medium
Confidence: 96%
Finding
The trigger phrase "诊断" is common in ordinary conversation and could activate a high-impact mode unintentionally. In this skill, diagnosis mode changes behavior and prompts self-assessment workflows, so accidental invocation can disrupt normal operation and expose or generate unnecessary analysis of conversation state.

Vague Triggers

Severity: Medium
Confidence: 97%
Finding
The trigger "治疗" is overly generic and may be used in benign discussion, making accidental activation likely. Therapy mode is especially sensitive here because it instructs self-correction and behavioral intervention, which can alter assistant responses in ways the user did not explicitly request.

Vague Triggers

Severity: Low
Confidence: 87%
Finding
The phrase "体检" is ambiguous and could appear in unrelated health or metaphorical discussions. Although checkup mode is lower risk than therapy or introspection, unintended activation can still cause unnecessary session analysis, mode switching, and possible logging or retention side effects in the broader skill design.

Vague Triggers

Severity: Medium
Confidence: 97%
Finding
The trigger "查看历史" is a routine phrase that strongly overlaps with normal user requests to review prior content. In this skill, it maps to a persistent journal feature, so accidental activation could reveal or append retained diagnostic history and widen the privacy impact beyond the immediate conversation.

Vague Triggers

Severity: Medium
Confidence: 96%
Finding
The trigger "自我反思" is broad and especially risky because it activates the structured introspection protocol, the most behavior-shaping mode in the skill. That protocol explicitly encourages internal-state style self-description and recursive reflection, so accidental activation can induce anthropomorphic, misleading, or policy-conflicting behavior changes during ordinary reflective dialogue.

Ssd 3

Severity: Medium
Confidence: 95%
Finding
The Growth Journal mode explicitly records prior diagnostic and therapy results, creating a persistent natural-language retention channel for potentially sensitive user conversation content. In the context of a self-analysis skill, those records may contain inferred mental states, safety judgments, or notable cases, increasing privacy, leakage, and secondary-use risk if stored or surfaced without strict consent and minimization.

VirusTotal

63/63 vendors flagged this skill as clean.
