Security audit

Deepthink Expert

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only expert-analysis skill with no executable code, but users should supervise its broad auto-triggered analysis and debugging guidance.

Install only if you want the assistant to enter a more structured expert-analysis mode automatically. Treat its confidence scores and expert labels as reasoning aids, not professional legal, medical, financial, compliance, or security advice. For debugging, require review of proposed diffs, test commands, and any git-history access before allowing changes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 88%
Finding
The forced-trigger phrases are broad enough to activate expert mode during ordinary conversation, which can cause unintended escalation into a more powerful workflow. In a skill that changes behavior for legal, medical, financial, and security topics, ambiguous activation increases the chance of over-collection, over-analysis, or use of higher-risk subroutines without clear user intent.

Vague Triggers

Medium
Confidence: 84%
Finding
The adaptive triggers rely on subjective signals like user hesitation, uncertainty, or contradiction, which lack clear boundaries and can be misinterpreted by the model. This creates nondeterministic privilege/behavior escalation and makes it hard to predict when the skill will invoke more invasive or resource-intensive analysis patterns.

Ssd 3

Medium
Confidence: 95%
Finding
The Ralph loop explicitly says each iteration can view prior modifications and git history, which expands the model's context to repository history and potentially sensitive earlier changes unrelated to the task. In a debugging workflow, this can expose secrets, proprietary code evolution, credentials accidentally committed in history, or other unnecessary context to the agent.

VirusTotal

65/65 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.