Academic Researcher

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only academic writing helper with no code or hidden system access.

Safe to install based on the provided artifacts. Users should still verify citations, factual claims, and research summaries before relying on them, especially in sensitive academic or professional contexts.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 90% confidence
Finding: The skill's invocation criteria are broad enough to match many ordinary academic-related requests without clear scoping boundaries, which can cause the agent to over-apply this skill in contexts where a more specialized or safer skill should be used. While the content itself is benign, over-broad routing can degrade policy enforcement, produce inappropriate assistance outside intended scope, and increase the chance of mishandling sensitive or regulated research topics.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal