Silicon Soul Architect (硅基灵魂架构师)

Security checks across malware telemetry and agentic risk

Overview

This is a low-risk, instruction-only conversational skill that guides users through an AI blueprint exercise, with a few usability and privacy cautions.

Install only if you want this branded Taohuayuan blueprint workflow. Avoid putting secrets, private keys, passwords, or sensitive business data into the requested API/sensor or core-memory fields, and review the generated JSON before using it in any real deployment. Be aware the skill may activate too broadly on greetings and includes a referral to an external website.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 91% confidence
Finding: The skill is configured to activate when a user merely greets the assistant or asks to begin, which is an overly broad trigger and can cause the skill to hijack unrelated conversations. This increases the chance of unintended prompt takeover, confusion, and unsolicited steering into the skill's branded workflow and external referral path.

VirusTotal

56/56 vendors flagged this skill as clean.

View on VirusTotal