Back to skill

Security audit

witch

Security checks across malware telemetry and agentic risk

Overview

This is a text-only fortune-telling prompt skill with no code execution or hidden data movement, but users should treat its reports as symbolic entertainment rather than real professional advice.

Install only if you want an explicitly invoked Chinese symbolic fortune-telling report. Do not use its outputs for medical, legal, investment, crisis, or other real-world professional decisions, and avoid supplying more personal birth or biographical information than you are comfortable sharing.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Natural-Language Policy Violations

Medium
Confidence
94% confidence
Finding
The skill explicitly requires returning the full report in Chinese, without indicating any user language preference or fallback. This can override the user's expected language, reduce transparency, and make safety-critical disclaimers or limitations less understandable to non-Chinese readers, which is especially relevant because the skill touches symbolic guidance adjacent to high-stakes domains.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The prompt explicitly forbids adding an '仅供娱乐' or similar caution while directing the model to provide formal, authoritative fortune-telling judgments, including sensitive areas like health, law, investment, and major risks. This increases the chance that users will over-trust speculative or symbolic output as actionable guidance, especially because the skill also instructs the model to be decisive and not hedge.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.