USMLE Case Scenario Generator

Security checks across malware telemetry and agentic risk

Overview

This is a local educational USMLE case generator with no credential use, network access, or persistence, but its medical output and setup notes need careful review.

Install only if you want educational board-exam practice cases. Do not use generated cases for diagnosis or treatment, review medical details against authoritative sources, and avoid running `pip install -r requirements.txt` until the unexplained `main` dependency is verified or removed.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 87% confidence
Finding: The skill’s 'When to Use' section expands scope beyond generating USMLE-style cases into generic 'academic writing tasks,' which can cause the agent to invoke this skill for unrelated requests. That scope drift is dangerous because it weakens routing boundaries and may lead users or orchestrators to run the packaged script or workflow in situations it was not designed to handle.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal