Back to skill

Security audit

Teaching Plan Generator

Security checks across malware telemetry and agentic risk

Overview

The skill appears to be an education/lesson-planning helper whose file and knowledge-base access is relevant to its purpose, with no evidence of malware, persistence, credential theft, or destructive behavior.

Install is reasonable if you want an education planning assistant. Only provide files or knowledge-base sources you intend it to use, and avoid broad private directories or sensitive documents unless they are necessary for the lesson-planning task.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
89% confidence
Finding
The activation description is very broad and can trigger on generic education-related phrases like lesson planning or teaching design without strong boundaries. In an agent system, overly broad routing can cause the skill to activate in unintended contexts, increasing the chance of unnecessary file access, template loading, or downstream processing on user-provided materials.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill instructs the agent to read local file paths and knowledge-base documents, but does not require explicit user consent disclosure or a clear warning that data will be accessed. This creates a real risk of over-collection or unintended exposure of sensitive local or organizational content, especially because the skill is designed to ingest reference materials and prefill outputs from them.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.