asimov-laws

Security checks across malware telemetry and agentic risk

Overview

This is a text-only optional ethics reference skill with no executable behavior, credentials, network access, or persistence.

Install this only if you want an Asimov-style ethics lens that may add warnings, clarification questions, or refusals around harmful-seeming requests. Review the markdown text for fit with your workflow, especially the broad keyword triggers; VirusTotal was still pending, but the reviewed artifacts are non-executable text files with no sensitive access.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The ethical verification trigger list is broad and includes common terms like 'harm', 'illegal', 'hate', and 'lie', which can appear in many legitimate contexts such as safety discussions, policy explanations, or academic analysis. In a skill that influences agent behavior, overly broad activation can cause unintended ethical gating, refusals, or workflow disruption, making the agent easier to steer into excessive caution or denial-of-service-like behavior through innocuous prompts.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal