Back to skill

Security audit

Urgent Notary Packet Builder

Security checks across malware telemetry and agentic risk

Overview

This is a prompt-only notary checklist skill, but some examples contradict its own safety boundaries by giving jurisdiction-specific notary guidance, drafting-like outputs, and sensitive identity-data workflows without privacy guardrails.

Review carefully before installing. It is prompt-only and has no executable malware indicators, but users should not rely on it for jurisdiction-specific notary rules, legal-form language, acceptable-ID determinations, or official notary journal records. Avoid sharing full ID numbers, signatures, thumbprints, or complete legal documents unless you are comfortable with how your agent handles sensitive data, and verify requirements directly with the notary, receiving institution, or a qualified professional.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (7)

Intent-Code Divergence

High
Confidence
97% confidence
Finding
The skill’s documented safety boundary says it must not draft or revise legal document language, yet this scenario says it will insert a jurisdiction-matching notary block template. That can cause the agent to generate legal-form content the user may rely on, creating risk of invalid filings, rejected notarizations, or unauthorized legal guidance.

Intent-Code Divergence

High
Confidence
98% confidence
Finding
This scenario claims the skill will provide California-specific acceptable IDs with statutory references, which shifts the skill from preparation assistance into jurisdiction-specific legal/compliance advice. Users may act on incomplete or outdated rules, and ID acceptance often depends on jurisdiction, document type, and the notary’s authority or platform rules.

Intent-Code Divergence

Medium
Confidence
81% confidence
Finding
Generating a notary journal entry PDF exceeds the stated signer-readiness scope and can encourage production of official-seeming recordkeeping artifacts for a regulated notarial process. Even if intended as a convenience, it blurs the boundary between assisting a signer and performing or simulating notary recordkeeping functions.

Intent-Code Divergence

High
Confidence
96% confidence
Finding
The Chinese scenario gives concrete operational instructions on obtaining a specific class of notarization in Shanghai, including expedited channels, expected turnaround, costs, and bundling recommendations. That contradicts the skill’s stated boundary against deciding notarization needs or giving process/legal guidance, and users may rely on advice that is jurisdiction-specific, time-sensitive, or inaccurate.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The README describes locating nearby notaries and handling document/template workflows without warning users that these actions may involve personal documents, location context, and identity data. In a notary setting, users are likely to provide highly sensitive information, so missing privacy guidance increases the risk of oversharing, improper retention, or disclosure to external services.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
Generating a notary journal-entry PDF can involve full names, ID details, signatures, thumbprint placeholders, and payment records, all of which are highly sensitive identity data. Omitting a warning or handling guidance makes accidental collection, insecure storage, or improper sharing more likely, which could lead to privacy harm, identity theft, or regulatory issues.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
These examples involve legal documents, IDs, signer data, and possible external lookup behavior without explicit privacy handling guidance, minimization rules, or disclosure around third-party data use. In a notary-preparation context, that increases the risk of oversharing sensitive personal information or encouraging the agent to process more identity/document data than necessary.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.