Agent Reader

Security checks across malware telemetry and agentic risk

Overview

This skill is a document-rendering helper whose behaviour is disclosed up front. The usual caution applies: it runs an external npm MCP package, and it handles documents that may be sensitive.

Install it only if you are comfortable running the external npm package via npx, preferably pin the package version in your MCP config, and use explicit export tools and formats when you need predictable output. Treat generated files and inline HTML/base64 returns as carrying the same sensitive information as the source Markdown or images.
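The pinning advice above is easy to state and easy to get slightly wrong (a caret range such as `^1.4.0` looks pinned but is not). The following check is an added example, not part of the skill or of the scanner output on this page: it parses an MCP config of the common `mcpServers` shape, finds every server launched through `npx`, and reports whether the package spec carries an exact version. The config and the package name `agent-reader-mcp` are constructed for illustration and are assumptions, not the skill's real package.

```python
import json
import os
import re

# Constructed sample MCP config (not from the page). "agent-reader-mcp" is a
# hypothetical package name used only to illustrate the three pinning states.
SAMPLE_MCP_CONFIG = r'''
{
  "mcpServers": {
    "agent-reader": {
      "command": "npx",
      "args": ["-y", "agent-reader-mcp"]
    },
    "agent-reader-pinned": {
      "command": "npx",
      "args": ["-y", "agent-reader-mcp@1.4.2"]
    },
    "agent-reader-ranged": {
      "command": "npx",
      "args": ["-y", "agent-reader-mcp@^1.4.0"]
    },
    "local-tool": {
      "command": "/usr/local/bin/local-tool",
      "args": []
    }
  }
}
'''

# An exact semver (1.2.3, optionally with prerelease/build metadata).
# Anything with ^, ~, >=, a dist-tag such as "latest", or no version at all
# is resolved fresh on every launch and therefore not pinned.
EXACT_SEMVER = re.compile(r"^\d+\.\d+\.\d+(?:[-+][0-9A-Za-z.-]+)?$")


def split_spec(spec):
    """Split 'name@version' into (name, version); handles '@scope/name@1.0.0'."""
    at = spec.rfind("@")
    if at <= 0:                      # no version, or a scoped name with no version
        return spec, None
    return spec[:at], spec[at + 1:]


def package_spec_from_args(args):
    """Return the package spec npx will install, or None if none is given."""
    it = iter(args)
    for arg in it:
        if arg in ("-p", "--package"):   # explicit package flag takes the next arg
            return next(it, None)
        if arg.startswith("-"):          # other flags such as -y / --yes
            continue
        return arg                       # first positional arg is the package
    return None


def audit_mcp_config(config_text):
    """Return {server_name: verdict} for each server launched via npx.

    Verdicts: 'pinned' (exact version), 'range' (range or tag), 'unpinned'
    (no version given). Servers not launched through npx are skipped.
    """
    config = json.loads(config_text)
    verdicts = {}
    for name, server in config.get("mcpServers", {}).items():
        launcher = os.path.basename(server.get("command", ""))
        if launcher not in ("npx", "npx.cmd"):
            continue
        spec = package_spec_from_args(server.get("args", []))
        if spec is None:
            verdicts[name] = "unpinned"
            continue
        _, version = split_spec(spec)
        if version is None:
            verdicts[name] = "unpinned"
        elif EXACT_SEMVER.match(version):
            verdicts[name] = "pinned"
        else:
            verdicts[name] = "range"
    return verdicts


if __name__ == "__main__":
    for server, verdict in audit_mcp_config(SAMPLE_MCP_CONFIG).items():
        print(f"{server}: {verdict}")
```

An exact version pin only fixes the top-level package; its transitive dependencies are still resolved from their declared ranges at install time, since npx does not consult a lockfile for an ad-hoc package. Where that matters, install the package into a vetted local directory with a lockfile and point `command` at that install instead of at npx.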

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Severity: Medium
Confidence: 94%
Finding
The trigger phrase "open this file" is overly broad for a skill that can generate or open multiple output formats automatically. In agentic environments, common user requests may accidentally invoke `open_file`, causing unintended file handling or format selection based on stored preferences rather than explicit user intent.

Missing User Warnings

Severity: Low
Confidence: 84%
Finding
The skill advertises `open_file` as a smart opener but does not clearly warn that it may choose formats according to stored user preferences. This can mislead upstream agents or users into believing the operation is deterministic, increasing the chance of opening or generating an unintended format.

VirusTotal

0 of 51 vendors flagged this skill (51/51 returned clean).
