费曼学习法 (Feynman Learning Method)

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed tutoring skill for checking learning comprehension, with no executable code or hidden system access found.

Install this if you want a tutoring workflow that records learning progress. Before using it with students, confirm how the linked learning-DNA profile stores, edits, exports, and deletes learner records, and consider requiring confirmation before the skill starts a test or writes results.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 90%
Finding
The trigger phrases are broad, conversational, and overlap with ordinary student speech such as '我懂了想测试一下自己' ("I understand it and want to test myself") or '我来给你讲讲' ("let me explain it to you"), which can cause the skill to activate when the user did not explicitly intend to invoke this workflow. Unintended invocation is risky because it can override the current interaction mode, alter agent behavior, and potentially cause unnecessary data writes to linked systems such as the learning DNA archive.

Vague Triggers

Medium
Confidence: 86%
Finding
The statement that the skill 'must activate' after broadly defined learning situations is ambiguous and creates an overly aggressive activation policy. In practice this can cause the skill to preempt other workflows, trigger outside user intent, and amplify the impact of false activations because the instruction is mandatory rather than optional.

VirusTotal

VirusTotal findings are pending for this skill version.
