Security audit

Pans Case Writer

Security checks across malware telemetry and agentic risk

Overview

This is a local case-study drafting and export helper; its file writes are expected for the advertised create/export workflow and there is no evidence of hidden network access, credential use, or destructive behavior.

Install this if you want a local helper for drafting customer case studies. Before use, remember that customer case studies can contain confidential business details, and generated/exported files will be saved locally; review content and file locations before sharing externally.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
87% confidence
Finding
The skill advertises file-writing behavior via creation/export flows (`case.py --create`, `--export`) but does not declare any permissions. That mismatch can bypass user and platform expectations about what the skill is allowed to do, especially because exporting Markdown/PDF/HTML inherently writes output files to disk. In this context the risk is moderate rather than extreme because the documented writes appear aligned with the skill’s purpose, but undeclared write capability still reduces transparency and weakens permission controls.

Vague Triggers

Medium
Confidence
81% confidence
Finding
The trigger list contains broad terms such as '案例研究', '客户案例', and '成功案例', which could match many ordinary writing, sales, or summarization requests outside the narrow intended workflow. Overbroad activation can cause the wrong skill to engage, leading to unintended file generation/export actions or inappropriate handling of sensitive customer information. The context makes this somewhat more concerning because the skill is designed to transform customer success data, which may include confidential business details.

VirusTotal

65/65 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.