Graph Interpretation

Security checks across malware telemetry and agentic risk

Overview

This graph-interpretation skill is broadly coherent and does not show hidden data access, persistence, exfiltration, or destructive behavior.

Install only in workspaces where you are comfortable granting local read/write/edit and shell capability. Review any proposed shell commands before running them, and expect that some documented examples may need adjustment because the referenced graph_interpreter.py file is not included.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Context-Inappropriate Capability

Medium

Confidence: 89% confidence
Finding: The manifest describes a graph-interpretation skill for scientific and clinical communication tasks, which is well aligned with reading inputs and writing analysis outputs. Granting Bash introduces command-execution capability that is not justified anywhere in the documented scope and is materially broader than needed for interpreting charts or drafting captions.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal