Embodied Task

Security checks across malware telemetry and agentic risk

Overview

This skill only changes the assistant’s communication style and does not request file access, credentials, commands, persistence, or external services.

Install this only if you want the assistant to adopt a more reflective, personal tone during ordinary tasks. Avoid relying on it for high-stakes, medical, legal, financial, or strictly factual work where neutral wording and explicit evidence should take priority.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The invocation guidance is broad enough to apply to almost any user request, which can cause the skill to activate by default rather than in narrowly defined circumstances. In this skill, that broad activation matters because it instructs the agent to infer internal feelings and what it 'senses' about the user, encouraging speculative personalization that can alter behavior across many tasks.

Vague Triggers

Medium

Confidence: 84% confidence
Finding: The 'when to use' conditions are ambiguous and rely on subjective cues like feeling that the user seems 'off' or noticing the agent is on 'auto-pilot.' This creates undefined activation boundaries, increasing the chance the skill will be invoked unpredictably and steer outputs based on ungrounded emotional inference rather than the user's actual request.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal