Back to skill

Security audit

Curatr

Security checks across malware telemetry and agentic risk

Overview

This health-record review skill is purpose-aligned and approval-gated, though users should verify that evaluation is truly read-only before using it with real patient data.

Before installing, treat this as a healthcare-data tool: use it only with systems where you understand what record store it can read and write, confirm curatr.evaluate has no side effects, and require explicit patient confirmation before any curatr.apply_fix call.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Intent-Code Divergence

High
Confidence
94% confidence
Finding
The documentation says `curatr.evaluate` is read-only and safe to call at any time, but the later statement that fixes are applied at read time implies evaluation may mutate patient data or present side effects during a nominally safe operation. In a healthcare context, that mismatch is dangerous because agents or users may invoke the tool without step-up or human confirmation, assuming no state change occurs.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.