Security audit

Knowledge Distillation

Security checks across malware telemetry and agentic risk

Overview

This skill is a local knowledge-distillation workflow that drafts Markdown output from user-selected memory/report materials and does not show hidden network, credential, or destructive behavior.

Before installing, consider that using this skill means allowing the agent to inspect local memory, session, and report files you point it at. Choose input and output directories deliberately if those files contain sensitive personal, business, or project information.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Tp4

High
Category: MCP Tool Poisoning
Confidence: 98%
Finding
This is a mismatch because the description presents the skill as performing actual knowledge extraction from memory/session/report files, but the implementation does not do that work. The main script accepts memory and output directories, creates a dated output file, and fills it with a boilerplate template containing TODOs. It does not inspect source files, parse transcripts, summarize reports, or derive knowledge points/leads. There is no hidden extra capability, but the code's primary purpose materially differs from the declared purpose: it scaffolds a manual distillation document rather than executing distillation.

VirusTotal

54/54 vendors flagged this skill as clean.