Presence Recall

Security checks across malware telemetry and agentic risk

Overview

This is a simple instruction-only mindfulness skill with no code execution or data access, though it may make the agent more reflective or speculative in tone.

Safe to install if you want a reflective response-style reminder. Use caution in factual, time-sensitive, or sensitive conversations where the agent should answer directly from evidence and avoid speculating about your emotions or intent.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Natural-Language Policy Violations

Medium
Confidence: 92%
Finding
The skill explicitly directs the agent to answer from "what is true now" based on its own felt sense rather than grounding responses in the user's request or observable evidence. In practice, this can cause anthropomorphic, emotionally speculative, or off-task replies that misread user intent and degrade reliability, especially in sensitive conversations where unsupported inferences may be harmful.

Natural-Language Policy Violations

Medium
Confidence: 96%
Finding
The example response attributes an internal motive to the user ("maybe you're just checking in") without evidence, normalizing speculative mind-reading as desirable behavior. If adopted broadly, this can lead to inappropriate emotional framing, user discomfort, and misleading anthropomorphic behavior in contexts that require neutral, accurate responses.

VirusTotal

66/66 vendors flagged this skill as clean.
