Discussion Section Architect

Security checks across malware telemetry and agentic risk

Overview

This is a coherent academic writing helper with no evidence of hidden data access, networking, persistence, or destructive behavior.

Install this only if you are comfortable letting the agent read and edit academic manuscript files for discussion-section work. Review any proposed Bash command before it runs, and confirm output paths before saving generated outlines.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 81% confidence
Finding: The description is broad enough to trigger on many general academic writing requests, which can cause the skill to be invoked outside its intended narrow scope. Because the skill has powerful tools enabled, over-broad matching increases the chance that unrelated user content is exposed to a skill that can read, modify, or write files, expanding attack surface and enabling unintended actions.

Vague Triggers

Medium

Confidence: 86% confidence
Finding: The summary is broad enough that the skill may be invoked for routine academic writing tasks whenever a user mentions discussion sections, even if they did not intend to use this specific skill. Over-broad routing can expose the skill in more contexts than necessary, increasing the chance that any risky instructions in the linked skill file are applied unexpectedly.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal