Security audit

Causal Dynamics Architecture

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only CDA research reference skill with no code execution, credential access, persistence, or external data access.

Install this if you want a Chinese-language reference pack about Causal Dynamics Architecture. Treat the material as a research proposal and reference source, not audited implementation code, and specify your preferred response language when needed.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 91% confidence
Finding: The activation criteria are broad enough to trigger on many general AI discussions, which can cause unintended invocation of this skill outside its narrow intended scope. Over-broad triggering can inject domain-specific guidance into unrelated conversations, increasing the risk of irrelevant, confusing, or policy-bypassing behavior through inappropriate context activation.

Natural-Language Policy Violations

Medium

Confidence: 87% confidence
Finding: The skill metadata and description are written only in Chinese without documenting whether the skill is language-restricted or offering multilingual behavior. This can lead to silent misrouting, exclusion of non-Chinese users, or incorrect activation behavior in multilingual environments where the dispatcher relies on description text to determine applicability.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.