Paper Reproduction by Python

Security checks across malware telemetry and agentic risk

Overview

This instruction-only skill is aligned with paper reproduction work and mainly creates local code, logs, results, and bilingual documentation.

Install this only for paper reproduction projects where generated code, experiment logs, result files, and bilingual README output are acceptable. Use a dedicated repository or branch, review generated Python before running it, and inspect logs and translated documentation before sharing or committing them.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Natural-Language Policy Violations

Medium

Confidence: 92% confidence
Finding: The skill requires generating and maintaining a Chinese README alongside the English README regardless of whether the user requested bilingual output. This can cause the agent to perform extra work, create unexpected artifacts, and violate user intent or least-surprise expectations, especially in constrained or sensitive repositories where output scope matters.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal