IRB Application Assistant

Security checks across malware telemetry and agentic risk

Overview

This is a coherent IRB drafting helper with no evidence of hidden data access, exfiltration, persistence, or destructive behavior.

Use this skill as a drafting aid only. IRB applications, consent language, risk assessments, and compliance conclusions should be reviewed by qualified research staff, the PI, and the institution's IRB before submission or use.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The activation text is broad enough to trigger on general discussions of research ethics or human-subjects topics that do not actually require this skill. Because the skill has access to Read, Write, Bash, and Edit, over-broad invocation can unnecessarily expose user content to a more powerful workflow and increase the chance of unintended file operations or command execution in unrelated contexts.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal