Back to skill

Security audit

Xml Reader

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a straightforward XML-to-DataFrame helper, with the main caution being normal XML parsing risk for untrusted files.

Install only if you expect the agent to read local XML files you choose. Treat XML from unknown sources cautiously: avoid huge files, prefer trusted inputs, and consider sandboxing or hardened XML parsing for attacker-supplied data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill parses XML directly with xml.etree.ElementTree via ET.parse() and ET.fromstring() while presenting it as a general-purpose reader for external construction-system files, but it provides no warning or hardening guidance for untrusted XML. In real usage, this can lead consumers to process attacker-supplied XML without considering parser abuse risks such as denial of service from oversized or maliciously structured XML, making the omission security-relevant rather than purely documentation-related.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.