Back to skill

Security audit

Lesson Plan Eval

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent lesson-plan review assistant with optional document export, and I did not find evidence of hidden data access, persistence, exfiltration, or destructive behavior.

Install this if you want a Chinese-language vocational lesson-plan audit workflow. Review the optional Pandoc command before running .docx export, especially with untrusted filenames or documents, and be aware the skill may activate broadly for lesson-plan quality discussions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Context-Inappropriate Capability

Medium
Confidence
90% confidence
Finding
The skill expands its scope beyond lesson-plan evaluation by instructing the agent to invoke pandoc for Markdown-to-.docx conversion. That introduces a tool-execution pathway and file-generation capability that is not necessary for the core auditing task, increasing attack surface if untrusted content is converted or if command execution is later automated.

Vague Triggers

High
Confidence
95% confidence
Finding
The trigger rules are intentionally broad, including generic phrases about lesson-plan quality and even implicit activation when the user does not ask for evaluation. Overbroad activation can cause the skill to seize unrelated conversations, override user intent, and route benign educational discussion into a heavyweight audit workflow, which is a prompt-scope and control problem.

Natural-Language Policy Violations

Medium
Confidence
88% confidence
Finding
Forcing Chinese output for non-Chinese input without user consent can mis-handle user instructions, reduce transparency, and cause the agent to transform content in ways the user did not request. In multilingual settings this can lead to incorrect interpretation of educational or technical material and weakens user control over output behavior.

VirusTotal

57/57 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.