
Security audit

Bazi

Security checks across malware telemetry and agentic risk

Overview

This Bazi skill is mostly purpose-aligned, but it asks for identifying birth details and can call an external calendar API without a clear privacy or consent step.

Install only if you are comfortable providing personal birth details in chat. Ask the agent to request consent before using the apihz API, avoid sharing a personal API key, and prefer a reviewed or pinned version if installing from GitHub.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium (92% confidence)

The skill explicitly collects sensitive personal data such as name, birth date/time, gender, and birthplace, but the README does not clearly warn users that these are privacy-sensitive attributes or explain handling, retention, and downstream exposure risks. In an agent setting, this can normalize oversharing of personal data and increase the chance that sensitive information is stored, logged, or reused without informed consent.

Vague Triggers

Medium (95% confidence)

The trigger rules are intentionally expansive and instruct the agent to invoke this skill even when the user merely mentions fortune-telling terms, which can cause inappropriate routing and unnecessary collection of sensitive birth and identity data. In this context, over-broad activation is more dangerous because the skill immediately moves into gathering personal information and may call an external API, so accidental invocation can create privacy and consent issues.

Missing User Warnings

High (98% confidence)

The skill collects highly sensitive personal data including name, former names, birth date, birth time, sex, birthplace, and even deceased status, then instructs use of a third-party API for validation without first presenting a clear privacy notice or obtaining explicit consent for transmission. This is dangerous because these data points are sufficient for profiling and can be sensitive under privacy laws, and the risk is heightened by the use of an external service with shared example credentials and no stated data-handling safeguards.

VirusTotal

63/63 vendors flagged this skill as clean.
