sleep-wakeup advisor

Security checks across malware telemetry and agentic risk

Overview

This skill appears to provide simple sleep-cycle wake-up advice without requesting risky access or persistence.

Install if you want sleep-cycle wake-up suggestions. Be aware it may answer some generic wake-up-time requests and may default to Chinese output; ask for clarification or another language when needed.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 89% confidence
Finding: The trigger condition is broad enough that the skill may activate for general wake-up-time questions without clear user intent to use this specific advisor. That can cause unintended interception of ordinary requests and produce constrained or misleading recommendations, especially because the skill also imposes hard ranking and cutoff rules that may not match user needs.

Natural-Language Policy Violations

Medium

Confidence: 84% confidence
Finding: The response template hardcodes Chinese output, which can override the user's preferred language and reduce transparency or usability for users who do not read Chinese. In an agent setting, forced language output can also interfere with accessibility, downstream tooling, or user understanding of time-sensitive recommendations.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal