Back to skill

Security audit

ConvertAgent

Security checks across malware telemetry and agentic risk

Overview

This file-conversion skill is legitimate in purpose, but it gives the agent broad permission to run a local converter and install unspecified system dependencies.

Install only if you already trust and manage the local ConvertAgent installation. Require explicit approval before any package installation, verify the actual converter binary and service configuration, and use explicit input and output paths for conversions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Context-Inappropriate Capability

Medium
Confidence
95% confidence
Finding
The instruction to install missing system dependencies expands the skill from deterministic file conversion into host modification and package management. That creates a dangerous path where ordinary conversion requests can lead to privileged changes, supply-chain exposure, or persistence on the local system, especially if the agent runs with elevated permissions.

Vague Triggers

Medium
Confidence
82% confidence
Finding
The trigger description is broad enough to invoke this skill for almost any file-conversion-related request or workflow, which increases the chance the agent will use local CLI tooling on untrusted files without sufficient scoping or user confirmation. In context, this is more dangerous because the skill also references direct system paths, a local service, and fallback behaviors that can affect the host environment.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.