Back to skill

Security audit

Find Next Book

Security checks across malware telemetry and agentic risk

Overview

This skill is a transparent book-recommendation helper that uses relevant memory and reading context with explicit privacy limits.

Before installing, be aware that the skill may use relevant long-term memory and reading history to personalize recommendations. It has good privacy boundaries, but its default prompt and response template are in Chinese, so users who prefer another language may need to ask explicitly for their preferred language.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Natural-Language Policy Violations

Medium
Confidence
87% confidence
Finding
The response contract hard-codes a Chinese output template ("最推荐…") without conditioning on the user's language or any documented locale requirement. This can override user preference, degrade usability, and in safety-sensitive recommendation contexts may cause misunderstanding or misapplication of advice, especially when discussing medical, legal, financial, or mental-health books.

Natural-Language Policy Violations

Medium
Confidence
88% confidence
Finding
The skill metadata hard-codes Chinese-language content in both the short description and default prompt, which can steer interactions into Chinese regardless of the user's language preference. This can cause user confusion, misalignment with expected behavior, and reduced transparency or consent, especially in multilingual environments where users may not understand the injected prompt text.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.