MARL — Multi-stage Reasoning Middleware

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be legitimate LLM middleware, but users should review it before use: it routes all model traffic through third-party software while making an overbroad local-only privacy claim.

Review before installing. Use this only if you trust the VIDRAFT Docker/PyPI package and understand that prompts may be processed by MARL and sent to the configured LLM provider unless you use a fully local backend. Prefer pinned versions, avoid sensitive data until data handling is clear, and use local models when data must stay inside your own infrastructure.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Severity: Medium
Confidence: 92%

Finding
The skill explicitly routes all LLM traffic through a local middleware that then makes API calls to a user-selected upstream model, but the documentation frames this as 'your data never leaves your infrastructure' without clearly qualifying that prompts and related context may still be forwarded to external providers depending on configuration. This creates a real risk of unintentional data disclosure because users may send sensitive prompts under a misleading assumption of full local processing.

VirusTotal

66/66 vendors flagged this skill as clean.