Back to skill

Security audit

content-repurpose-studio

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed content-drafting skill with a small local helper script that reads a chosen text file and writes a draft JSON pack.

Reasonable to install for drafting multi-channel content packs. Run the helper only on source files you intend to process, set a safe output filename, and review generated drafts before publishing or sharing them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
82% confidence
Finding
The skill declares a local Python script and resource usage that imply file read/write capability, but it does not explicitly declare corresponding permissions. That creates a transparency and policy-enforcement gap: a reviewer or runtime may underestimate what the skill can access or modify, and users are not clearly informed about filesystem effects. In this context the script is local and the documented use is limited to generating drafts and structured outputs, which reduces suspicion, but undeclared write capability still increases risk if the script is changed or invoked on unintended paths.

Vague Triggers

Medium
Confidence
83% confidence
Finding
The trigger examples are broad, everyday phrases such as 'repurpose this content' and '一稿多发' without clear activation boundaries, exclusions, or confirmation requirements. In an agent-skill context, this can cause unintended invocation on loosely related user input, which may lead the agent to process local content or suggest file operations in situations the user did not explicitly intend.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.