Back to skill

Security audit

Exam Evaluator

Security checks across malware telemetry and agentic risk

Overview

This skill is a purpose-aligned exam evaluation workflow that reads user-provided assessment files and creates local reports, with no evidence of exfiltration, persistence, credential access, or destructive behavior.

Install only if you intend to analyze exam or question-bank documents. Review uploaded files for sensitive student or institutional data, delete temp/output artifacts when finished, and make sure any referenced scripts/parse_*.py helpers come from the intended project rather than an unrelated workspace.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
86% confidence
Finding
The trigger list is unusually broad because it includes generic phrases like file extensions and common assessment terms that may match ordinary user requests unrelated to this skill. That can cause unintended skill activation, leading the agent to read and process uploaded documents or route user workflows into this skill without sufficiently specific user intent.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The skill explicitly instructs reading uploaded .xlsx/.xls/.docx/.pdf files and generating local artifacts such as temp JSON and HTML reports, but it does not require a clear user-facing notice or confirmation about file access, parsing, retention, and output generation. This creates a privacy and consent risk, especially because exam files may contain sensitive student, school, or proprietary assessment content.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.