Back to skill

Security audit

Grant Thinking CN Biology

Security checks across malware telemetry and agentic risk

Overview

This is a text-only skill for advising on Chinese biology grant proposals, with no scripts, tools, credential use, or hidden runtime behavior found.

This appears reasonable to install as a grant-reasoning aid. Users who want tighter control should disable implicit invocation if their platform supports it or invoke the skill only for Chinese biology grant work. As with any AI assistance, avoid pasting confidential unpublished proposal material unless the underlying agent platform is approved for that data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence
92% confidence
Finding
The skill enables implicit invocation but defines no trigger phrases, scope boundaries, or activation constraints. That can cause the agent to invoke this China-specific grant-evaluation skill in loosely related conversations, leading to unsolicited routing, inappropriate jurisdictional assumptions, and reduced user control over when specialized reasoning is applied.

VirusTotal

59/59 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.