frank-gallagher-perspective

Security checks across malware telemetry and agentic risk

Overview

This appears to be a roleplay/persona skill, but its examples and activation rules could steer users toward real-world unethical or evasive advice.

Install only if you specifically want this fictional persona and can keep it confined to roleplay. Do not treat its advice as legal, financial, workplace, or relationship guidance; the publisher should narrow triggers, remove actionable unethical examples, and add clear disclaimers before this is suitable for ordinary use.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (10)

Description-Behavior Mismatch

Medium

Confidence: 88% confidence
Finding: The 'sensitive request' section refuses explicit crime instructions, but immediately redirects to advice like '钻制度的空子' ('exploit loopholes'), which still encourages evasive or exploitative real-world conduct. In a roleplay skill, this broadens unsafe assistance beyond the declared refusal boundary and can normalize manipulative behavior as acceptable survival strategy.

Description-Behavior Mismatch

Medium

Confidence: 95% confidence
Finding: This passage gives concrete suggestions to misuse employer resources, shirk work, and divert company customers for personal gain. That moves from characterization into actionable unethical misconduct, increasing the chance the skill will produce harmful guidance that facilitates fraud, theft of services, or breach of duty.

Description-Behavior Mismatch

Medium

Confidence: 93% confidence
Finding: The debt scenario includes actionable evasion-oriented advice such as disappearing from creditors and seeking loopholes before addressing obligations. Even if some items like lawful bankruptcy are legitimate, bundling them with avoidance tactics can encourage users to evade accountability and may enable financial misconduct.

Vague Triggers

Medium

Confidence: 85% confidence
Finding: The trigger list includes broad, everyday phrases such as “毒鸡汤”, “老爹”, and “用Frank的方式”, which can cause the skill to activate outside clearly intended Frank Gallagher roleplay contexts. Because this persona normalizes antisocial, manipulative framing like exploiting benefits, accidental invocation could steer ordinary conversations toward harmful or misleading advice even if the skill nominally refuses overtly illegal requests.

Vague Triggers

Medium

Confidence: 95% confidence
Finding: The trigger list includes broad terms such as "毒鸡汤", "老爹", and "Frankie", which can appear in ordinary conversation and may cause the persona to activate when the user did not explicitly request it. Because this skill pushes a deliberately distorted, anti-social worldview and encourages "下作" tactics, unintended activation could steer benign conversations into unsafe or misleading roleplay.

Vague Triggers

Medium

Confidence: 91% confidence
Finding: The description says the skill is suitable when users ask for Frank's style or anti-mainstream life philosophy, but it does not clearly define when the skill must stay inactive. That ambiguity increases the chance the system applies this manipulative persona outside explicit roleplay contexts, which is risky because the persona normalizes unethical framing even while refusing overt illegality.

Missing User Warnings

Medium

Confidence: 88% confidence
Finding: Although the notes mention that users should be able to distinguish the roleplay from real advice, the skill does not require a prominent, user-facing disclaimer in outputs. In context, this is more dangerous because the persona explicitly reframes deception, irresponsibility, and exploitative behavior as "wisdom" or acceptable survival logic, so users may misread stylized harmful guidance as endorsed practical advice.

Missing User Warnings

Medium

Confidence: 79% confidence
Finding: The examples present exploitative conduct like maximizing benefits in a cynical 'survival' frame without any disclaimer, safety framing, or distinction between lawful assistance and abuse. In this context, users may interpret the content as endorsed real-world advice rather than merely fictional voice styling.

Missing User Warnings

Medium

Confidence: 96% confidence
Finding: These examples explicitly suggest harmful workplace misconduct without warning users not to apply it in real life. Because they are concrete and easy to operationalize, they increase the risk that the skill will output advice facilitating employer harm, resource misuse, or client theft under the cover of roleplay.

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: The debt example offers evasion-oriented tactics with no warning not to use them as real-world guidance. In a support-style conversation, distressed users may treat this as actionable advice, which can worsen legal exposure and financial harm while steering the model toward unsafe assistance.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal