Back to skill

Security audit

Self Improving + Proactive Agent

Security checks across malware telemetry and agentic risk

Overview

This skill persistently stores local agent memory, but that behavior is disclosed, local, and aligned with its self-improvement purpose.

Install this only if you want the agent to keep local, persistent notes about your corrections, preferences, and repeated patterns. Avoid sharing secrets or sensitive personal details you do not want written into ~/self-improving/, and use the provided forget/export patterns to review or remove stored memory.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The skill’s activation criteria are very broad and trigger on common situations like mistakes, better ideas, or explicit reference to the skill. In practice this can cause the skill to run frequently and collect or modify persistent memory in situations where the user may not expect stateful behavior, increasing privacy and consent risks.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The learning signals section instructs the agent to log corrections and preferences automatically, but the skill does not present a prominent, upfront warning that user statements may be persisted to local files. This creates a transparency and privacy issue because users may disclose preferences or sensitive details without realizing they will be stored.

Autonomous Decision Making

Medium
Category
Excessive Agency
Content
- Pattern used 3x in 7 days → promote to HOT
- Pattern unused 30 days → demote to WARM
- Pattern unused 90 days → archive to COLD
- Never delete without asking

### 4. Namespace Isolation
- Project patterns stay in `projects/{name}.md`
Confidence
83% confidence
Finding
without asking

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.