cai-chongxin-perspective-v2

Security checks across malware telemetry and agentic risk

Overview

This is a low-risk, instruction-only business persona skill with broad activation and roleplay-style guidance but no system access or hidden behavior.

Install only if you want business and investment discussions framed through this simulated public-figure perspective. Be aware it may activate on broad finance or strategy topics, and avoid treating its outputs as verified professional advice.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 91% confidence
Finding: The skill uses broad scenario-based trigger phrases such as enterprise finance, M&A, international expansion, and long-term investing, which overlap heavily with ordinary business conversations. This can cause unintended activation, making the assistant adopt a persona and decision framework when the user did not explicitly request it, which may bias outputs and reduce reliability in unrelated contexts.

Natural-Language Policy Violations

Medium

Confidence: 84% confidence
Finding: The skill prescribes a fixed language and stylistic profile, including first-person roleplay, specific rhetorical patterns, and a defined communication DNA, without offering user choice. While not directly harmful, this can misrepresent authorship, override user language preferences, and increase the chance of the model presenting stylized or persona-bound advice as authoritative.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal