Back to skill

Security audit

Vibe-Learning

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only learning-feed skill with disclosed web search and file output, though users should be aware it can trigger proactively from broad waiting-related phrases.

Install only if you are comfortable with the agent using the current conversation to form web searches and creating or overwriting the fixed HTML output file. For confidential work, ask the agent to keep search queries generic or invoke the skill only with an explicit phrase like "vibe learn."

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
93% confidence
Finding
The trigger list includes very broad phrases such as "I'm waiting," "learn something," and "knowledge cards," and the README also permits proactive activation when the user is merely inferred to be idle. That can cause the skill to activate without clear user intent, increasing the chance of unwanted context consumption, distracting interruptions, or accidental generation based on unrelated conversation state.

Vague Triggers

High
Confidence
96% confidence
Finding
The activation criteria are excessively broad, including generic phrases like 'learn something' and 'any indication' of idle time, plus proactive invocation based on inferred user state. That creates a prompt-squatting risk where the skill may trigger when the user did not explicitly request it, causing unintended web searches, context inspection, and artifact/file generation using current conversation content.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill mandates writing a standalone HTML file to /mnt/user-data/outputs and presenting it, but does not require explicit user consent or clearly disclose that persistent output will be created. Even if the file is benign, silently creating downloadable/browser-openable artifacts from conversation-derived content can surprise users, expose sensitive project context in saved files, and normalize undisclosed filesystem writes.

VirusTotal

55/55 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.