Back to skill

Security audit

Medical Literature Search

Security checks across malware telemetry and agentic risk

Overview

This is a simple medical literature search helper with no executable code, persistence, credential handling, or hidden system access.

Installers should understand that this skill helps locate and summarize medical literature, not make medical decisions. Verify important claims against primary sources or qualified professionals, and avoid entering subscription credentials unless the runtime environment is trusted.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
91% confidence
Finding
The example trigger phrase is broad enough to match ordinary medical-information requests, which can cause the skill to activate in situations where the user did not explicitly ask for a literature-search workflow. This increases the chance of incorrect routing, unexpected tool use, or bypass of more appropriate domain-specific handling, especially in a medical context where user intent needs to be interpreted carefully.

Natural-Language Policy Violations

Medium
Confidence
82% confidence
Finding
The README presents the skill entirely in Chinese and does not indicate that output language should follow the user's preference, which can lead to forced language behavior. While not a direct security exploit, it can cause incorrect or inaccessible responses and mis-handle multilingual requests, reducing reliability and potentially confusing users in a medical setting.

VirusTotal

58/58 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.