Security audit

Org Role Handoff

Security checks across malware telemetry and agentic risk

Overview

This role-perspective skill appears benign: it changes how answers are framed for named organizational roles and does not request data access, installs, persistence, or external services.

Install this only if you want the assistant to answer from predefined organizational perspectives such as IT Director, QA, DBA, developer, designer, or Business Analyst. Treat the responses as role-based framing, not real authority from your organization, and avoid sharing confidential company details unless necessary and sanitized.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence: 91%
Finding
The trigger examples near the end are broad natural-language phrases such as 'handle this as Web Developer' or 'review this from the QA perspective' that can match ordinary user requests and unintentionally activate the role-handoff behavior. This is dangerous because role switching can alter the assistant's framing, authority, and output style without a clearly scoped invocation boundary, increasing the chance of incorrect delegation, overconfident advice, or bypass of more appropriate default behavior.

VirusTotal

63/63 vendors flagged this skill as clean.
