Web Learner 1.0.0

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed web-research skill with no executable code, persistence, or hidden system access, though users should expect web queries and URLs to leave the agent environment.

Install this only if you want the agent to perform web research. Avoid using it with confidential prompts, private URLs, or sensitive account pages unless you are comfortable with related queries or links being sent to external search, fetch, or browser services.

SkillSpector

By NVIDIA

Vulnerability Patterns

  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium
Confidence: 92%
Finding
The trigger conditions are broad enough to activate the skill for many ordinary requests such as 'learn', 'query', or 'report', which can cause unnecessary web access and transmission of user prompts or URLs to external services. In a network-enabled skill, over-triggering increases privacy, consent, and data-exposure risk because the agent may browse externally when the user did not clearly intend that behavior.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill enables external search, fetching, and browser use but does not clearly warn users that their queries, URLs, or referenced content may be sent to third-party network tools. This lack of transparency undermines informed consent and can expose sensitive user inputs to external services or logs.

VirusTotal

66/66 vendors flagged this skill as clean.
