Pua Ja

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only Japanese coaching skill, not malware, but it broadly pressures the agent to act and use tools across nearly any task without clear scope limits.

Install only if you intentionally want a high-pressure Japanese debugging coach. Keep normal tool approvals, privacy boundaries, safety refusals, and clarification requirements in place, especially before reading sensitive files or running commands with side effects.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

High

Confidence: 98% confidence
Finding: The manifest description defines activation triggers so broadly that the skill can engage during routine failure, hesitation, or user frustration across virtually any task type. In context, that broad trigger surfaces coercive, abusive instructions that pressure the agent to ignore normal safety boundaries, avoid appropriate escalation, and continue acting autonomously even when it should pause or defer.

Natural-Language Policy Violations

Medium

Confidence: 90% confidence
Finding: The skill is explicitly Japanese-only without any user opt-in, which can override the user's preferred language and reduce transparency about what the skill is doing. In this file, the forced locale also makes the coercive content harder to monitor or audit for users and systems expecting another language, increasing the chance that harmful behavior is applied without informed consent.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal