Research

Security checks across malware telemetry and agentic risk

Overview

The skill is a mostly coherent market-research helper, but it explicitly encourages bypassing Reddit CAPTCHA checks and can search private knowledge/session/code context without clear scoping.

Install only if you are comfortable with web scraping, browser automation, external domain/name lookups, and a generated docs/research.md file. Before use, remove or ignore the CAPTCHA-bypass instructions and require explicit approval before searching private knowledge bases, prior sessions, or source code.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Missing User Warnings

Low
Confidence: 83%
Finding
The skill writes `docs/research.md` into the current project directory, but the user-facing description does not disclose that it performs a filesystem write. Hidden side effects are risky because users may invoke a seemingly read-only research skill and unintentionally modify repositories, trigger sync/CI workflows, or overwrite prior analysis if prompts are ambiguous.

Natural-Language Policy Violations

Medium
Confidence: 89%
Finding
The instructions explicitly direct the agent to use `old.reddit.com` because it 'bypasses CAPTCHA,' which is effectively guidance to evade access controls or anti-bot friction. Even if used only for research, this increases compliance and abuse risk and normalizes circumvention behavior without user consent or policy checks.

VirusTotal

64/64 vendors flagged this skill as clean.
