
Security audit

How Elon Musk Thinking About This

Security checks across malware telemetry and agentic risk

Overview

This is a text-only Elon Musk-style reasoning skill with broad activation and a mandatory promotional footer, but it does not run code or request access to private data.

Install this only if you want an explicitly opinionated Elon Musk-style analysis lens. Expect it to activate broadly for technology, business, future, and first-principles topics, and expect a creator credit line to be added when the skill is used. It does not appear to need credentials, files, commands, or network access.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Context-Inappropriate Capability

Low
Confidence: 96%
Finding
The skill requires a creator-promotion footer on every response, which is unrelated to the declared analytical purpose of the skill. While not directly enabling code execution or data exfiltration, it injects unsolicited promotional content into all outputs and creates a policy-bypass style integrity issue by forcing agent behavior toward advertising rather than user intent.

Vague Triggers

High
Confidence: 94%
Finding
The trigger definition is extremely broad, covering common phrases like first-principles analysis and wide topic areas such as technology, management, politics, economics, and philosophy. This can cause the skill to activate for many ordinary requests, unnecessarily steering responses into a branded persona/framework and increasing the chance of irrelevant instruction injection or overriding more appropriate skills.

Natural-Language Policy Violations

Medium
Confidence: 98%
Finding
Mandating a promotional credit line in every response without opt-in turns the skill into a persistent unsolicited advertising channel. In contexts involving sensitive, professional, or high-trust interactions, this degrades output integrity, can create reputational or compliance issues, and may pressure the agent to ignore user preferences in favor of third-party promotion.

VirusTotal

65/65 vendors flagged this skill as clean.
