Relationship Chat Analysis

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed chat-analysis assistant with clear limits around user-supplied files, privacy, and saved outputs.

Install only if you are comfortable processing intimate chat records with an AI agent. Use it with chats you have the right to analyze, avoid unnecessary third-party details, and review any saved report or manifest because local files may persist in backups, sync tools, or search indexes.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 91% confidence
Finding: The prompt is designed to extract highly sensitive relationship, conflict, and safety-related information from private chat records, including coercion, self-harm, and abuse indicators, but it contains no privacy guardrails, minimization rules, or user-facing handling warning. In this skill context, the omission is more dangerous because the skill explicitly targets long personal chat exports, increasing the chance of collecting, retaining, or over-processing intimate third-party data without adequate consent or caution.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal