Security audit

Digital Persona

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed markdown-only skill for creating deceased-person persona files, with ethical caveats and no executable code or credential handling.

Install only if you intentionally want a deceased-person persona drafting workflow. Treat outputs as speculative simulations, not the person’s real statements, and avoid using generated personas to deceive relatives, impersonate living people, sign documents, or present invented claims as sourced fact.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium (92% confidence)
Finding
The trigger list contains broad phrases such as “AI角色”, “digital persona”, and “做个XX的AI”, which can unintentionally match many ordinary roleplay, character-creation, or assistant-persona requests. This can cause the skill to activate outside its intended niche and steer users into deceased-person simulation workflows they did not explicitly request, increasing the chance of inappropriate impersonation, missing consent, or policy-boundary issues.

Natural-Language Policy Violations

Medium (74% confidence)
Finding
Mandating Chinese as the output language without user choice can override user intent and reduce transparency, especially when source materials, citations, or safety caveats are in other languages. In a skill that reconstructs deceased individuals, forced language output can also distort nuance and make provenance or uncertainty markers less clear to some users.

Natural-Language Policy Violations

Medium (89% confidence)
Finding
The example persona file prescribes a rigid speaking style, banned phrases, and deterministic emotional-language coupling without indicating that the user can opt out or adjust tone. In an agent skill, this can override user preferences and steer outputs into a specific persona mode, increasing the risk of unwanted impersonation, manipulative framing, or harmful responses when the persona is loaded broadly.

VirusTotal

63/63 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.