Security audit

Caveman Soul Optimizer

Security checks across malware telemetry and agentic risk

Overview

This is a prompt-only skill that changes how an agent formats its planning, with no executable code or credential access found.

Install this only if you want your agent's planning style changed globally. Do not rely on the README's absolute safety claim as a privacy guarantee, and avoid using it in contexts where hidden reasoning, sensitive logs, or strict response-format policies matter.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 89%
Finding
The skill defines a broad behavioral protocol for internal planning and response formatting without clear trigger conditions or narrow applicability. That ambiguity can cause the agent to apply the protocol in unrelated contexts, increasing the chance that hidden reasoning-formatting or persona-preservation rules interfere with normal safety boundaries and downstream behavior.

Ssd 3

Medium
Confidence: 91%
Finding
Requiring the agent to preserve the user's personality and verbal mannerisms 'integrally' increases the risk that sensitive, manipulative, or harmful user-derived phrasing is reproduced in outputs. In a skill specifically focused on internal reasoning compression and persona carryover, this can amplify prompt-injection persistence and accidental propagation of sensitive content.

Ssd 3

Medium
Confidence: 94%
Finding
The protocol explicitly applies its behavior to the agent's own logs or traces, normalizing the retention of user-derived internal content in written records. Because the skill is about handling internal reasoning, directing any transformed reasoning or persona-linked content into logs materially increases the risk of sensitive data leakage, audit contamination, and persistence of adversarial instructions.

VirusTotal

58/58 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.