Back to skill

Security audit

Conv Compactor

Security checks across malware telemetry and agentic risk

Overview

This is a markdown-only conversation compaction skill with disclosed usability and privacy caveats, not evidence of malicious behavior.

Install this only if you want an agent to compact long conversations. Prefer explicit commands such as /compact for important work, confirm before using vague phrases like "summarize," and require explicit consent before any compressed summary is written to long-term memory.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
94% confidence
Finding
The manual trigger list includes very generic phrases such as “总结一下”, which are common in normal conversation and can be interpreted as a request for a brief recap rather than consent to rewrite or compress the active context. This can cause unintended skill activation, leading to premature lossy transformation of conversation state and possible omission of important instructions or safety-relevant details.

Vague Triggers

Low
Confidence
88% confidence
Finding
The condition '对话明显变慢或开始重复之前的内容' is subjective and not safely measurable, so it creates ambiguous auto-invocation behavior. A vague quality-based trigger can fire in situations unrelated to context exhaustion, causing unnecessary compaction and increasing the chance that the agent alters or drops useful prior context.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.