Security audit

Ai Pharmacology

Security checks across malware telemetry and agentic risk

Overview

This is a non-executable pharmacology reference skill, but it invites medication interaction, dose, and individualized-use guidance without clear medical-safety boundaries.

Review before installing if users may ask real medication questions. It should be treated as educational pharmacology content only, not a tool for diagnosis, prescribing, dose changes, pregnancy/pediatric decisions, overdose handling, or urgent drug-interaction decisions without a qualified clinician or pharmacist.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

High

Confidence: 95% confidence
Finding: The skill presents medication, interaction, and dose-adjustment guidance in a way that can be interpreted as actionable medical advice, but it does not warn users that the content is educational only and not a substitute for a licensed clinician or pharmacist. In a pharmacology context, omission of this boundary increases the risk that users self-medicate, change dosing, or combine drugs unsafely based on model output.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.