Back to skill

Security audit

Zenodo Skill

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Zenodo publishing helper that needs a user-provided Zenodo token and gives mostly clear safety guidance around irreversible publishing.

Install this only if you intend to let the agent work with Zenodo records. Prefer sandbox tokens for testing, use the minimum Zenodo scopes needed, keep production tokens out of chat and files, and require a final review of files and metadata before any production publish or new-version publish.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
94% confidence
Finding
The skill enables implicit invocation without any trigger constraints or exclusion conditions, allowing the agent to activate Zenodo publishing capabilities based on loose mention matching. Because this skill can create depositions, upload files, and publish records using a bearer token with write and action scopes, accidental or prompt-injected invocation could cause unauthorized uploads, metadata changes, version creation, or irreversible publication actions.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The new-version example performs the irreversible publish action immediately after modifying files and metadata, without any review step or user confirmation. In a documentation skill intended to be copied verbatim, this increases the chance of accidental publication of incorrect, sensitive, or incomplete artifacts.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.