Health Guide

Security checks across malware telemetry and agentic risk

Overview

This Korean health-guide skill is mostly coherent, but it needs review because it tells the agent to run an external shell script with user-supplied hospital-search inputs and sends sensitive health queries to outside services.

Install only if you are comfortable with a Korea-focused health-information skill that may use external services for health-related lookups and may call a separate local hospital-search script. Review the `hira-hospital` dependency separately, avoid entering identifying medical details, protect the configured API-key files, and treat the output as general information rather than diagnosis or treatment.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (9)

Vague Triggers

Medium
Confidence
89% confidence
Finding
The trigger list contains broad phrases like '증상', '어디 아파', and '건강 팁' that can match ordinary conversation and cause the health skill to activate unexpectedly. In a medical-context skill, accidental invocation is more dangerous than usual because it may inject health guidance, emergency advice, or hospital recommendations into conversations where the user did not explicitly request medical assistance.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The symptom-check triggers include broad conversational phrases such as '증상이' and '어디 가야 해?' that can match ordinary health discussion without clear user intent to invoke a diagnostic-routing workflow. In a medical skill, unintended activation is more dangerous than usual because it may steer users toward symptom analysis or hospital recommendations based on incomplete context.

Vague Triggers

Medium
Confidence
82% confidence
Finding
Disease-info triggers like '원인이 뭐야?' and '치료법' are highly generic and may fire during casual conversation or follow-up questions that are not actually asking for disease education. In a healthcare context, this can produce misleading medical content detached from a clearly identified condition, increasing the chance of confusion or unsafe self-management.

Vague Triggers

Medium
Confidence
90% confidence
Finding
Drug-information triggers such as '부작용' and '약 먹어도 돼?' are broad enough to activate on incomplete or ambiguous messages. Because medication guidance can influence real-world dosing, interactions, and contraindication decisions, misrouting or responding without a specific drug context creates elevated safety risk.

Vague Triggers

Medium
Confidence
93% confidence
Finding
Mental-health triggers include everyday expressions like '우울해', '불안해', and '스트레스' that can be used casually, figuratively, or in nonclinical contexts. In a mental-health workflow, unintended activation is especially sensitive because it may infer psychological state, provide inappropriate self-check guidance, or miss crisis escalation nuances.

Natural-Language Policy Violations

Medium
Confidence
90% confidence
Finding
The playbook is entirely written for Korean-language interaction and does not provide any mechanism to detect or honor the user's preferred language. In a health-advice context, forcing a single locale can cause misunderstanding of symptoms, emergency guidance, medication information, or disclaimers, which increases safety risk for non-Korean-speaking users.

Vague Triggers

Medium
Confidence
83% confidence
Finding
The routing examples and trigger phrases are broad enough that common conversational language can be pulled into a medical workflow even when the user did not clearly request health guidance. In a health-related skill, misclassification is safety-relevant because it can lead to inappropriate triage, misleading advice, or missed escalation to emergency or specialist flows.

Vague Triggers

Medium
Confidence
86% confidence
Finding
Automatic Beginner Mode activation on very generic keywords like '쉽게', '기초', or '처음인데' can unintentionally alter the response style and omit relevant detail. In a medical skill, oversimplification can reduce nuance around risks, contraindications, or urgency, which makes accidental mode switching more dangerous than in a general-purpose assistant.

Natural-Language Policy Violations

Medium
Confidence
71% confidence
Finding
Hard-coding the skill to Korean language and the Korean healthcare system creates a safety risk for users in other locales who may receive emergency numbers, care pathways, insurance guidance, or hospital referral logic that does not apply to them. In a healthcare context, locale mismatch can materially delay appropriate care or produce unsafe instructions during urgent situations.

VirusTotal

65/65 vendors flagged this skill as clean.
