Back to skill

Security audit

Recruiting Interview Kit

Security checks across malware telemetry and agentic risk

Overview

This skill is mainly a local recruiting draft generator, with no evidence of network exfiltration, destructive behavior, persistence, or hidden automatic execution.

Use this as a drafting aid, not a hiring decision-maker. Review outputs for bias and legal appropriateness, redact unnecessary candidate personal data, and run the optional script only on input and output paths you trust. The extra dormant audit code is a maintenance/provenance concern, but the shipped behavior is local, disclosed, and bounded.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
88% confidence
Finding
The skill advertises no explicit permissions, yet its instructions indicate local file access and shell execution via python3. This creates a capability transparency gap: users and reviewers may believe the skill is read-only recruiting guidance, while it can invoke scripts over local inputs and outputs, increasing the chance of unintended data access or command execution.

Description-Behavior Mismatch

High
Confidence
97% confidence
Finding
The script's core functionality is a generic file-system, repository, CSV, pattern, and skill-package auditing tool rather than a recruiting interview assistant. This kind of capability mismatch is dangerous because it expands access to arbitrary local content and can be repurposed for unintended reconnaissance or sensitive-data discovery under a misleading skill description.

Context-Inappropriate Capability

High
Confidence
98% confidence
Finding
The pattern scanning logic reads arbitrary files and searches for secrets, internal URLs, and risky shell commands, which is unrelated to interview-kit functionality. In the context of a hiring skill, this materially increases risk because the skill can be used to inspect local repositories or documents and surface sensitive content that users would not expect this skill to access.

Context-Inappropriate Capability

Medium
Confidence
85% confidence
Finding
The helper for recursively listing text files enables broad enumeration of arbitrary directories, which supports repository auditing behavior unrelated to the stated recruiting purpose. While not destructive by itself, it lowers the barrier to collecting contextual information from local files and makes the skill's actual behavior diverge from user expectations.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The trigger examples are short and generic enough to overlap with ordinary recruiting requests, which can cause the skill to activate when the user did not explicitly intend to invoke it. In a hiring workflow, unintended activation can lead to inappropriate generation of interview content or processing of sensitive candidate-related material under the wrong context.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.