Epstein Files Search

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward public-document search tool, with the main caution that searches go to a third-party API and results may include sensitive allegations about people.

Reasonable to install for public-record research. Avoid entering confidential or legally sensitive search terms unless you are comfortable sending them to DugganUSA, and verify any result against official source documents before sharing or acting on it.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 88% confidence
Finding: The skill is explicitly designed to search and export a large corpus of highly sensitive records tied to identifiable individuals, including names, locations, aircraft, communications, financial records, and evidence inventories, yet it provides no privacy, legal, or reputational-use warning. That omission lowers friction for misuse such as bulk profiling, harassment, doxxing, or redistribution of sensitive allegations, especially because the skill emphasizes easy piping/export and direct document links.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal