Back to skill

Security audit

LSP Novel Writer

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward novel-writing helper that creates local chapter files, with the file output disclosed and aligned with its purpose.

Before installing, understand that this skill is meant to create local novel chapter files in ./novels/ within the current workspace. Use it in a directory where generated files are acceptable, review the outline before confirming chapter generation, and check the output before publishing or sharing it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill explicitly performs automatic local file writes for each generated chapter but does not require an explicit user confirmation immediately before writing or clearly warn about the filesystem side effect. In agent environments, silent or assumed file creation can lead to unexpected disk usage, workspace pollution, overwriting of existing content, or writing sensitive/generated material to locations the user did not intend.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.