Back to skill

Security audit

Occupation Analysis

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate vocational-report skill, but it asks for root-level package installation and gives weak guidance for storing API keys.

Review before installing. Use this only in a controlled environment, avoid automatic sudo package installation unless you trust the package source and host impact, and provide IMA credentials through a secure environment or secret manager rather than committing or sharing a .env file.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Tool MisuseTool Parameter Abuse, Chaining Abuse, Unsafe Defaults
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Findings (9)

Context-Inappropriate Capability

Low
Confidence
90% confidence
Finding
The quick-start instructions tell users to write API credentials directly into a plaintext .env file without any security guidance. This can lead to accidental secret exposure through local compromise, backups, screenshots, or committing the file into version control, especially in educational or shared workstation environments.

Vague Triggers

Medium
Confidence
76% confidence
Finding
The trigger conditions are very broad and keyword-driven, with little in the way of exclusion logic. This can cause the skill to activate in contexts where the user did not intend file reads, local document processing, or large-scale report generation, increasing the risk of unintended data access or workflow execution. In an agent environment, overbroad invocation rules can become a security issue because they expand the circumstances under which the skill may touch local assets and produce derived outputs.

Missing User Warnings

Low
Confidence
72% confidence
Finding
The skill omits a clear warning that it reads local files and relies on model inference/world knowledge to generate derived occupational mappings and reports. This matters because users may not realize the skill accesses local datasets and may produce speculative or sensitive derived content, especially when combining multiple sources. While not directly exploitable like code execution, inadequate disclosure weakens informed consent and safe operation in multi-tenant or sensitive environments.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The guide instructs users to store secrets in a plaintext .env file but omits warnings about source-control leakage and local secret handling. This is dangerous because documentation often gets copied verbatim, causing predictable credential hygiene failures rather than a one-off user mistake.

Sudo/Root Execution

Medium
Category
Privilege Escalation
Content
- pypdf==3.17.0
    - python-docx==1.2.0
  system:
    - sudo apt-get update && sudo apt-get install -y pandoc
---

# 职业教育职业分析 Skill
Confidence
95% confidence
Finding
sudo

Sudo/Root Execution

Medium
Category
Privilege Escalation
Content
- pypdf==3.17.0
    - python-docx==1.2.0
  system:
    - sudo apt-get update && sudo apt-get install -y pandoc
---

# 职业教育职业分析 Skill
Confidence
95% confidence
Finding
sudo

Credential Access

High
Category
Privilege Escalation
Content
ls assets/occupation_dictionary_split/

# 4. 配置环境变量(创建 .env)
echo "IMA_OPENAPI_CLIENTID=your_client_id" > .env
echo "IMA_OPENAPI_APIKEY=your_api_key" >> .env

# 5. 运行测试
Confidence
97% confidence
Finding
.env

Credential Access

High
Category
Privilege Escalation
Content
# 4. 配置环境变量(创建 .env)
echo "IMA_OPENAPI_CLIENTID=your_client_id" > .env
echo "IMA_OPENAPI_APIKEY=your_api_key" >> .env

# 5. 运行测试
python scripts/search_major.py --major "汽车运用与维修" --level "中等职业教育"
Confidence
99% confidence
Finding
.env

Chaining Abuse

High
Category
Tool Misuse
Content
- pypdf==3.17.0
    - python-docx==1.2.0
  system:
    - sudo apt-get update && sudo apt-get install -y pandoc
---

# 职业教育职业分析 Skill
Confidence
96% confidence
Finding
&& sudo

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal

Static analysis

No suspicious patterns detected.