Back to skill

Security audit

Meta Research

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed research workflow assistant that may create project files and run research-related commands, but its capabilities fit its stated purpose and show no hidden or destructive behavior.

Install this for research workspaces where you are comfortable with the assistant creating notes, LOGBOX entries, exploration folders, drafts, protocols, and analysis artifacts. Review proposed Bash commands, web-sourced material, and file edits before approving them, especially when working with confidential data, human-subjects material, embargoed work, or release/publication steps.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
88% confidence
Finding
The trigger words are broad enough that the skill may auto-activate for generic terms like "research," "analysis," or "brainstorm," causing the agent to enter a high-autonomy workflow in contexts the user did not intend. Because the skill has write, bash, web, and task-management capabilities, accidental invocation increases the chance of unnecessary workspace changes or external actions.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill explicitly directs the agent to create and update LOGBOX files, exploration directories, phase artifacts, and task lists, but it does not prominently warn the user that invoking the skill may modify the workspace. In a high-autonomy research assistant, this can lead to surprising file-system changes, unintended overwrites, or project clutter, especially if invoked in the wrong directory.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.