Back to skill

Security audit

Whispers from the Star

Security checks across malware telemetry and agentic risk

Overview

This is a text adventure skill that keeps local fictional game progress and does not show hidden network, credential, command, or unrelated file access.

Install only if you are comfortable with the skill reading and updating a local game_state.md save file. Keep that file limited to fictional game content, back it up before resets or new-cycle transitions, and give explicit inventory choices because vague discard responses may remove an in-game item.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill directs the agent to initialize and overwrite sections of `game_state.md` as part of startup, but it does not clearly warn the user that persistent save data will be modified. In an agent environment with file tools, this can cause unintended data loss, save corruption, or state changes without informed user consent.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The implementation details explicitly instruct repeated use of Read/Edit operations against `game_state.md`, yet the skill never surfaces that it performs persistent writes. Because these are operational instructions for an agent, they increase the likelihood of silent modification of local state and accidental overwriting of prior progress.

Natural-Language Policy Violations

Medium
Confidence
94% confidence
Finding
The skill explicitly requires all content to be in Chinese, which overrides user language preference and can reduce transparency, consent, and accessibility for users who do not understand Chinese. While not a code-execution or data-exfiltration issue, it is a genuine policy/control weakness because it constrains agent output behavior without user opt-in.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The skill instructs the agent to reset character data, clear inventory, and update game state files when starting a new cycle, but it does not require any explicit confirmation or warning to the user about overwriting prior state. In an agent setting, this can cause accidental loss of progress or unintended state corruption if the transition is triggered ambiguously or automatically.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The team-member removal flow causes irreversible loss of all items in the teammate's inventory, but this destructive side effect is only documented deep in the workflow and not surfaced as a strong pre-action warning or confirmation requirement. In an agentic system, a caller could trigger companion removal and unintentionally destroy stored game assets, causing avoidable permanent state loss.

Missing User Warnings

High
Confidence
98% confidence
Finding
The skill explicitly allows ambiguous or invalid player input to trigger automatic deletion of the 'least important' item. This creates an unsafe state-changing action without clear user confirmation, enabling accidental or adversarially induced item loss, especially for valuable inventory in a persistent game state.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.