Bayesian Thinking

Security checks across malware telemetry and agentic risk

Overview

This appears to be a reasoning-only Bayesian thinking skill with broad activation wording but no evidence of harmful access or hidden behavior.

Install this if you want the agent to use Bayesian-style evidence weighing and probability updates. For medical, legal, financial, security, or other high-stakes decisions, explicitly ask the agent to keep the analysis advisory and use domain-specific safeguards or expert review.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 90% confidence
Finding: The instruction to apply Bayesian thinking to 'whatever the user is currently working on or asking about' is overly broad and can cause the skill to activate for an extremely wide range of conversations. In agentic systems, this increases the chance of inappropriate routing, prompt interference, or the skill being invoked in sensitive contexts where a generic reasoning framework was not intended.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal