Shell command execution detected (child_process).
Critical
- Code
- suspicious.dangerous_exec
- Location
- node_modules/@types/node/child_process.d.ts:122
Security audit
国央企word文档
Security checks across malware telemetry and agentic risk
Overview
This skill is a disclosed Word document generator that writes user-requested .docx files locally and shows no evidence of hidden credential, network, persistence, or destructive behavior.
Install only if you want a local Word document formatting helper. Be aware that running the CLI writes to the output path you provide, so choose a non-sensitive filename/location and avoid overwriting important files. The marketplace capability tags suggesting wallet or sensitive credential use appear inconsistent with the reviewed artifacts.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
63/63 vendors flagged this skill as clean.
Static analysis
Detected: suspicious.dangerous_exec, suspicious.dynamic_code_execution, suspicious.env_credential_access (+2 more)
Shell command execution detected (child_process).
Critical
- Code
- suspicious.dangerous_exec
- Location
- node_modules/@types/node/cluster.d.ts:302
Shell command execution detected (child_process).
Critical
- Code
- suspicious.dangerous_exec
- Location
- node_modules/@types/node/perf_hooks.d.ts:526
Dynamic code execution detected.
Critical
- Code
- suspicious.dynamic_code_execution
- Location
- node_modules/@types/node/repl.d.ts:40
Dynamic code execution detected.
Critical
- Code
- suspicious.dynamic_code_execution
- Location
- node_modules/@types/node/vm.d.ts:542
Dynamic code execution detected.
Critical
- Code
- suspicious.dynamic_code_execution
- Location
- node_modules/docx/dist/index.cjs:21152
Dynamic code execution detected.
Critical
- Code
- suspicious.dynamic_code_execution
- Location
- node_modules/docx/dist/index.iife.js:21152
Dynamic code execution detected.
Critical
- Code
- suspicious.dynamic_code_execution
- Location
- node_modules/docx/dist/index.mjs:21150
Dynamic code execution detected.
Critical
- Code
- suspicious.dynamic_code_execution
- Location
- node_modules/docx/dist/index.umd.cjs:21154
Dynamic code execution detected.
Critical
- Code
- suspicious.dynamic_code_execution
- Location
- node_modules/jszip/dist/jszip.js:11404
Dynamic code execution detected.
Critical
- Code
- suspicious.dynamic_code_execution
- Location
- node_modules/jszip/dist/jszip.min.js:13
Dynamic code execution detected.
Critical
- Code
- suspicious.dynamic_code_execution
- Location
- node_modules/setimmediate/setImmediate.js:17
Dynamic code execution detected.
Critical
- Code
- suspicious.dynamic_code_execution
- Location
- node_modules/xml-js/dist/xml-js.js:7928
Dynamic code execution detected.
Critical
- Code
- suspicious.dynamic_code_execution
- Location
- node_modules/xml-js/dist/xml-js.min.js:8
Environment variable access combined with network send.
Critical
- Code
- suspicious.env_credential_access
- Location
- node_modules/@types/node/http.d.ts:1390
File appears to expose a hardcoded API secret or token.
Critical
- Code
- suspicious.exposed_secret_literal
- Location
- node_modules/@types/node/crypto.d.ts:1706
File appears to expose a hardcoded API secret or token.
Critical
- Code
- suspicious.exposed_secret_literal
- Location
- node_modules/@types/node/url.d.ts:467
Potential obfuscated payload detected.
Warn
- Code
- suspicious.obfuscated_code
- Location
- node_modules/jszip/dist/jszip.js:1297
Potential obfuscated payload detected.
Warn
- Code
- suspicious.obfuscated_code
- Location
- node_modules/jszip/lib/utils.js:382