Security audit

In Silico Perturbation Oracle

Security checks across malware telemetry and agentic risk

Overview

This skill appears non-malicious from a system-security standpoint, but its biomedical prediction claims are materially overstated because the code generates simulated results while presenting them as actionable model-backed outputs.

Install only in an isolated Python environment and treat all generated biological results as demo data unless you independently verify real model integration, validated inputs, and provenance. Do not use the target rankings or wet-lab guide for research, clinical, or experimental decisions without expert review.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Severity: High
Confidence: 98%
Finding
The skill markets itself as foundation-model-based virtual gene knockout prediction, but the implementation uses seeded random noise, mock models, and heuristic scoring instead of real model inference. In a bioinformatics context, this is dangerous because users may treat synthetic outputs as scientifically meaningful and make downstream research or experimental decisions based on fabricated predictions.

Intent-Code Divergence

Severity: Medium
Confidence: 95%
Finding
The CLI and docstrings present the system as performing real virtual knockout prediction and generating actionable results, while the code explicitly relies on placeholder logic. This mismatch increases the likelihood of user deception, especially because the surrounding scientific framing makes the outputs appear authoritative.

Context-Inappropriate Capability

Severity: Medium
Confidence: 90%
Finding
The skill exports a wet-lab validation guide with CRISPR knockout and assay recommendations, extending beyond passive computational analysis into procedural experimental guidance. Because the upstream predictions are simulated, this can steer users toward unnecessary or misinformed biological experiments.

VirusTotal

66/66 vendors flagged this skill as clean.
Static analysis

No suspicious patterns detected.