Back to skill

Security audit

Primer Design Check

Security checks across malware telemetry and agentic risk

Overview

This is a simple local primer-checking script, but it overstates off-target and BLAST capabilities that are not implemented.

Install only if you want a lightweight local primer-quality helper. Do not rely on it for off-target amplification, BLAST, template matching, primer-pair interaction, or wet-lab design decisions unless those capabilities are added and independently validated.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Description-Behavior Mismatch

Medium
Confidence
94% confidence
Finding
The skill advertises off-target amplification checking, but the implementation only evaluates basic single-primer properties like Tm, GC content, hairpins, and self-dimers. This can mislead users into trusting that a critical specificity check was performed when it was not, creating a security/safety issue through false assurance in a bioinformatics workflow.

Intent-Code Divergence

Medium
Confidence
92% confidence
Finding
The method is described as performing a comprehensive primer check, but it omits the advertised off-target amplification analysis entirely. In this skill context, that mismatch is more dangerous because users are likely relying on the tool for experimental design decisions, and incomplete analysis may cause selection of non-specific primers under the mistaken belief they were validated.

Missing User Warnings

Low
Confidence
83% confidence
Finding
The skill documentation states that local scripts execute and read/write files, but it does not clearly warn users that workspace contents may be modified. In agentic environments, insufficient disclosure around file system effects can lead to accidental overwrites, unintended persistence of sensitive outputs, or unsafe invocation with untrusted paths.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.