Back to skill

Security audit

Data Anomaly Detector

Security checks across malware telemetry and agentic risk

Overview

This skill appears to perform local, user-directed construction data analysis with ordinary file access and no evidence of hidden control, exfiltration, or persistence.

Install only if you are comfortable granting the skill filesystem access to the construction data files you choose to analyze. Review generated estimates and anomaly reports before using them for business decisions, since the skill appears to assist analysis rather than provide a controlled accounting or project-management system.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Description-Behavior Mismatch

Medium
Confidence
93% confidence
Finding
The instructions expand the skill from anomaly detection into creating cost estimates and offering exports, which does not match the declared skill purpose. This kind of scope drift can cause the agent to perform unintended higher-impact business actions, increasing the chance of misuse, incorrect outputs, or policy bypass through ambiguous capability boundaries.

Description-Behavior Mismatch

Medium
Confidence
90% confidence
Finding
The input/output sections describe broad construction data processing across multiple formats and generalized reporting, which widens the operational scope beyond anomaly detection. Overly broad instructions reduce security and governance clarity, making it easier for users to steer the agent into unauthorized or insufficiently reviewed tasks.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.