Back to skill

Security audit

Drug Interaction Checker

Security checks across malware telemetry and agentic risk

Overview

The skill is a coherent local drug-interaction checker, but it gives specific medication-change guidance without sufficiently prominent safeguards.

Review carefully before installing or using. Treat results as educational screening only, do not change doses, stop drugs, combine drugs, or delay care based on this tool, and confirm any interaction concern with a pharmacist or clinician. Use a virtual environment for the unpinned pip install step.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
This skill emits specific clinical recommendations such as dose changes, avoidance instructions, and monitoring guidance before any prominent warning that the tool is not medical advice. In a medication-safety skill, users may rely on these recommendations as authoritative, which can cause harmful self-medication decisions, missed contraindications, or delayed professional care.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.