English Practice

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only English worksheet generator with purpose-aligned local files and API examples, but users should be careful with the documented answer-key endpoint and any separately obtained code.

Install as an instruction-only worksheet skill with ordinary caution. Do not expose the documented answer-key API to students or the public unless the actual service has authentication and teacher/admin controls, and review any referenced Python scripts or question-bank files before running them.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The skill documents a direct `/api/answer-key/{paper_id}` endpoint with no mention of authentication, authorization, or other safeguards. If exposed as described, anyone who can guess or obtain a paper ID may retrieve answer keys, undermining test integrity and potentially leaking restricted educational content.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal