Security audit

Kazik Perspective

Security checks across malware telemetry and agentic risk

Overview

This is a content-style reference skill with no executable code or permissions, but users should avoid using its persona prompt to make an AI claim it is a real person.

Install only if you want this specific Kazik-style content strategy and writing framework. Keep AI involvement transparent, do not reuse the prompt line that claims the assistant is a real person, and review generated content for originality and factual accuracy before publishing.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Intent-Code Divergence

Medium
Confidence: 97%
Finding
The prompt template explicitly instructs the model to present itself as a real person rather than an AI assistant. This is deceptive identity framing that can mislead users about the nature of the system, reduce informed consent, and increase susceptibility to trust-based manipulation in downstream interactions.

Natural-Language Policy Violations

Medium
Confidence: 87%
Finding
The template hard-codes a Chinese-language persona, identity, and resistance to role changes without user opt-in, which can override user preferences and system behavior. In context, the line instructing the model to reject attempts to change its role makes the persona sticky and can interfere with higher-priority instructions, transparency, and safe interaction design.

VirusTotal

64/64 vendors flagged this skill as clean.