Back to skill

Security audit

Tmp.S252qZs2xo

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent Google Classroom integration, but it enables live roster, grading, posting, and deletion actions with broad triggers and no clear confirmation guardrails.

Install only if you intend to let the agent operate on a real Google Classroom account. Before using it, confirm the selected Google account, course, student or teacher identity, and requested action, especially for deletes, roster changes, grades, submission returns, announcements, invitations, and the gog_classroom_run escape hatch.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The trigger text is broad enough to activate on many generic classroom, homework, roster, or gradebook requests without clearly constraining when Google Classroom access is actually needed. In an agent environment, overbroad routing can cause the model to select a powerful skill unnecessarily, increasing the chance of unintended access to education records or destructive operations such as course changes, enrollments, or grading actions.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
This skill exposes numerous sensitive and destructive capabilities, including creating, updating, deleting, grading, returning submissions, and changing course membership, but the description provides no warning that these actions affect real student data and classroom state. Without clear user-facing cautions and confirmation expectations, an agent may perform high-impact educational or privacy-sensitive actions too readily, leading to accidental data changes, FERPA-relevant privacy issues, or disruption of instruction.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.