Security audit

Ui Component

Security checks across malware telemetry and agentic risk

Overview

This skill is a low-impact UI component helper with one under-disclosed local history log, but no evidence of exfiltration, credential use, destructive behavior, or privileged access.

Safe to install for normal UI snippet generation, but treat it as a small shell-based helper rather than a full application builder. Avoid passing secrets or sensitive project names as command arguments because one helper script records arguments in a local history file. Check which script your launcher invokes, since the included scripts expose different command sets.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Description-Behavior Mismatch

Severity: High
Confidence: 94%
Finding: The implemented script materially contradicts the declared skill purpose: instead of generating runnable HTML/CSS UI components, it only prints static design tips. This is dangerous because users and orchestrators may grant or invoke the skill based on its manifest-described capability, leading to deceptive behavior, broken automation, and reduced trust in the agent ecosystem.

Intent-Code Divergence

Severity: Medium
Confidence: 91%
Finding: The file header and help text explicitly describe the tool as a design reference/helper, which conflicts with the published identity of a UI component generator. This inconsistency reinforces that the skill is misrepresented, increasing the risk of operator confusion and incorrect delegation of tasks.

Missing User Warnings

Severity: Medium
Confidence: 97%
Finding: The script silently records command usage and arguments to a history file under the user's data directory without any notice or consent. Even if the current commands are simple, logged arguments can contain project names, internal design notes, or other sensitive data, creating a privacy and data-retention risk in contexts where users do not expect persistent logging.

VirusTotal

66/66 vendors flagged this skill as clean.