Synthetic Bio Circuit Designer

Security checks across malware telemetry and agentic risk

Overview

This skill is a small local script that prints basic synthetic-biology circuit descriptions and does not access files, secrets, or the network.

Treat the outputs as educational sketches, not lab-ready biological instructions. Re-review before using any future version that adds real simulation, file writing, external APIs, organism-specific designs, or wet-lab protocols.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 91% confidence
Finding: The skill description and usage documentation are broad enough that an agent could invoke the skill without strong task-boundary checks or explicit authorization conditions. In a skill that designs synthetic biology circuits, vague activation scope increases the chance of unintended assistance on sensitive bioengineering tasks, making misuse easier even if the file does not contain direct exploit code.

Missing User Warnings

Medium

Confidence: 88% confidence
Finding: The documentation explicitly states that local Python/R scripts execute and that files are written, but it does not clearly warn users that the workspace may be modified or describe safe output locations and overwrite behavior. This can lead to unintended file changes, unsafe execution assumptions, or abuse through crafted paths if users or downstream agents invoke the skill without understanding its side effects.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal