Pencil Skill

Security checks across malware telemetry and agentic risk

Overview

This skill is a local Pencil design-file editor whose file changes are disclosed and purpose-aligned, though users should be careful with bulk edits and deletes.

Install only if you want an agent to edit Pencil .pen files locally. Use version control or copies for important designs, review generated batch operations before running them, and be especially cautious with delete and bulk replacement commands because they can change or remove design content in the working file.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Missing User Warnings

Medium
Confidence: 86%
Finding
The skill documents file-modifying commands (`batch-design.mjs`, `replace-props.mjs`, `set-variables.mjs`) that can change user design files, but it does not clearly warn that these operations mutate data on disk. In an agent setting, this increases the chance of unintended destructive edits or silent corruption of `.pen` files, especially because the workflow encourages automated write/validate cycles.

Missing User Warnings

Medium
Confidence: 90%
Finding
The documented `delete` operation removes nodes from a design file, but the skill does not directly warn that this permanently deletes user design content from the working file. Even though a backup is mentioned elsewhere, the absence of an immediate warning around deletion makes accidental data loss more likely when an autonomous agent follows the instructions literally.

VirusTotal

VirusTotal findings are pending for this skill version.
