Self Improving Agent 3.0.16

Security checks across malware telemetry and agentic risk

Overview

This skill keeps local learning notes and optional reminders; its persistence risks are disclosed and aligned with its purpose.

Install this only if you want persistent local learning logs. Keep entries minimal and redacted, do not store secrets or raw command output, prefer project-local .learnings when possible, and review anything before promoting it into prompt or workspace memory files. Enable the command-output error detector only in trusted workspaces.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 82%
Finding
The top-level usage guidance says to use the skill for very common situations like failures, corrections, outdated knowledge, and better approaches, which are frequent in ordinary conversations. Over-broad invocation criteria can cause the skill to activate excessively, leading to unnecessary persistence, log growth, and repeated prompts to write project files even when the user did not ask for memory or state changes.

Vague Triggers

Medium
Confidence: 94%
Finding
The detection triggers rely on everyday phrases such as 'Actually...' or 'Can you also...' that commonly appear in normal chat. In an agent system, these broad heuristics can spur automatic logging of benign user speech into persistent files, creating privacy, data-retention, and unwanted statefulness risks without meaningful user intent to store that information.

VirusTotal

66/66 vendors flagged this skill as clean.
