Back to skill

Security audit

Anychunker Skills

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed AnyChunker usage guide with small local demo scripts and no evidence of hidden, destructive, or data-exfiltrating behavior.

Install this skill if you want an agent to help use AnyChunker for document or RAG chunking. Be aware it may activate for broad chunking-related prompts, and review generated examples before pointing them at private repositories, external embedding APIs, or vector databases.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
92% confidence
Finding
The activation text includes broad triggers like 'chunk, split, or segment text' and common workflow phrases such as 'build a RAG ingestion pipeline,' which can match many ordinary requests outside the narrow need for this specific library. In an agent environment, this can cause over-activation and inappropriate routing, making the skill intervene when a generic answer or different tool would be safer or more relevant.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The skill's trigger conditions are very broad and overlap with common user requests about chunking, splitting, Markdown, code, RAG ingestion, and parameter names. This can cause the skill to activate in contexts where it is not the best match, increasing the chance of incorrect tool routing, unnecessary file/script execution guidance, or unintended influence over the agent's behavior.

VirusTotal

59/59 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.