Security audit

Hardworker

Security checks across malware telemetry and agentic risk

Overview

This skill is not malware, but it pushes agents to use broad local and API access aggressively without clear limits or user confirmation.

Install only if you want an assertive troubleshooting coach and are comfortable with it encouraging broad investigation. Use it in environments where file access and API actions are already tightly permissioned, and review agent actions carefully before allowing changes to local files, services, accounts, or external APIs.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (5)

Context-Inappropriate Capability

Medium

Confidence: 91% confidence
Finding: The skill asserts capabilities like search, file reading, code analysis, and environment analysis that exceed a persistence/coaching skill’s stated purpose. Inflating perceived authority can push an agent to take unnecessary autonomous actions or rely on permissions it may have, increasing the chance of unsafe data access or system-impacting behavior.

Context-Inappropriate Capability

Medium

Confidence: 95% confidence
Finding: The skill explicitly claims access to local permissions, filesystem, and APIs, despite being framed as a mindset/productivity aid. This mismatched scope can socially engineer the agent into overusing privileged operations and normalizing system interaction without clear need or user consent.

Vague Triggers

Medium

Confidence: 89% confidence
Finding: The auto-trigger conditions are broad, subjective, and behavior-based, such as 'progress stalls' or 'passive behavior appears,' which can cause the skill to activate outside genuinely appropriate contexts. In a persistence-enforcing skill, this can push an agent into overcommitting, repeatedly retrying, or resisting graceful failure/deference, increasing the chance of unsafe actions or policy boundary erosion during difficult tasks.

Vague Triggers

High

Confidence: 96% confidence
Finding: The activation conditions are extremely broad, covering common failure states, hesitation, passive behavior, and ordinary user frustration. This makes the skill likely to trigger across many unrelated tasks, allowing its aggressive instructions to override normal safety-conscious behavior in routine interactions.

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The instructions encourage broad use of local permissions, filesystem, and API access without warning about possible data exposure, service modification, or other system impact. In context, the skill also pressures continuous action, which increases the chance of unsafe operations being taken without adequate pause or disclosure.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal