Security audit

cad-skill

Security checks across malware telemetry and agentic risk

Overview

This skill matches its CAD automation purpose, but it can start and force-close CAD programs in ways that deserve user review before installation.

Install only if you are comfortable letting the assistant start and stop local CAD applications. Save work before using close_app, avoid force=true unless explicitly needed, verify any saved executable path yourself, and do not use alternate config files unless you created and reviewed them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence: 88%
Finding
The skill includes a close_app action but the description does not warn that closing CAD software can terminate active sessions with unsaved models or documents. In CAD workflows this can directly cause data loss, interrupted engineering work, and accidental shutdown of critical applications if the agent acts without informed user consent.

Missing User Warnings

Medium
Confidence: 82%
Finding
The skill can terminate CAD processes, and by default does so forcibly, without any user confirmation, save-state check, or warning about unsaved work. In the context of engineering/CAD software, abrupt termination can destroy unsaved designs and disrupt active work, making this more dangerous than a generic desktop utility action.

Missing User Warnings

Medium
Confidence: 84%
Finding
The runner exposes a close_app operation with force defaulting to true and no visible confirmation, policy check, or guardrail in this file. In the context of a skill that controls local Windows CAD applications, this can abruptly terminate user work, causing loss of unsaved designs or disruption of active engineering workflows if invoked by an upstream agent or malformed input.

VirusTotal

66/66 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.