
Security audit

S2 Hanzi Empathic Resonance

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only artistic persona skill that may infer emotions and use Hanzi-themed wellness narration, but it does not install code, request tools, access data, or persist anything.

Install this only if you want the agent to adopt a wellness-art persona that may make emotional assumptions and describe calming Hanzi visuals. Treat the output as creative narration, not real mental-health assessment, real emotion detection, or proof that any smart display changed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium, 95% confidence
The README defines activation using ordinary conversation about feelings, energy, and room atmosphere, which creates an overly broad trigger surface. In an agent environment, this can cause unintended invocation during normal user dialogue, leading to unrequested behavior, context switching, or accidental emotional/ambient responses that may interfere with other tasks.

Natural-Language Policy Violations

Medium, 83% confidence
The skill appears to impose Hanzi-based output without describing any language, locale, or accessibility choice for users. This can cause confusing or unusable output for users who do not read Chinese, and in a multimodal agent setting it may reduce transparency about what the system is presenting or why.

Natural-Language Policy Violations

Medium, 94% confidence
The skill mandates a specific Hanzi-centered interaction model regardless of user language, locale, accessibility needs, or consent. While not a classic code-execution issue, it can override user intent, reduce usability, and cause policy or safety problems by forcing culturally and linguistically inappropriate output behavior.

Natural-Language Policy Violations

Medium, 96% confidence
The operational directives require the agent to always infer emotion and respond with Hanzi-based artistic narration, which removes user choice and can lead to unwanted emotional profiling and non-consensual behavior changes. In context, the skill is framed as a persistent behavioral override ('MUST adhere'), making the issue more dangerous because it attempts to systematically steer all responses for all users.

VirusTotal

66/66 vendors flagged this skill as clean.
