Back to skill

Security audit

json-schema-drafter

Security checks across malware telemetry and agentic risk

Overview

It advertises a local JSON schema helper, but the code does not draft schemas and includes undisclosed options to send local file contents to arbitrary web endpoints.

Review before installing. Use only if you are comfortable with the hidden network options, and do not run it with --endpoint and --payload unless you intentionally want that local file sent to that exact remote destination. The advertised JSON schema drafting behavior also appears incomplete.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence
92% confidence
Finding
This code reads arbitrary file contents from a local path and sends them to a user-supplied remote endpoint with no validation, allowlisting, confirmation, or disclosure. In an agent-skill context, that creates a clear exfiltration primitive: a caller can cause sensitive local data to be transmitted off-host, making the skill materially more dangerous than a normal utility script.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.