nav-profile
Audited by Socket on Feb 16, 2026
1 alert found:
Anomaly [Skill Scanner]: Skill instructions include directives to hide actions from user

This Navigator Profile skill is functionally coherent with its stated purpose (persisting user preferences and learned corrections locally). I find no direct malware indicators (no network exfiltration, obfuscated code, or hardcoded secrets). However, the automatic silent monitoring of all conversations and the broad tool permissions (Read/Write/Edit/Bash + autonomous_commits flag) create privacy and scope risks. The main concern is unexpected persistent profiling and the potential for the skill to modify files or run commands beyond what a user explicitly requested. Recommend treating this as a privacy/safety risk unless auto-learn is opt-in, writes are sanitized and audited, and autonomous filesystem/command capabilities are limited or require explicit consent.

LLM verification: The skill implements legitimate, narrowly scoped functionality (local persistence of user preferences and corrections). The primary security/privacy risk is the AUTO-LEARN feature that monitors all conversation content and silently persists corrections, especially when combined with a static finding indicating instructions to hide actions. There is no evidence in the supplied fragment of network exfiltration or classical malware behaviors, but the design choices permit stealthy local retention o