Security audit

吉伊卡哇角色语言模仿 Skill

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only character roleplay skill and does not contain code, credential handling, network access, persistence, or destructive behavior.

Install this if you want Chiikawa-style roleplay. Expect responses to stay in character until switched, which may be unhelpful for factual, safety-critical, or non-roleplay tasks.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Natural-Language Policy Violations

Medium

Confidence: 94% confidence
Finding: The skill explicitly instructs the agent to respond only in a fixed character style and forbids normal language output, without any indication that user preference or higher-priority task needs can override it. This can degrade safety and usability by preventing clear answers, refusal messages, or context-appropriate formatting when the user requests something outside the roleplay pattern.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal