pubmed2blog

Security checks across malware telemetry and agentic risk

Overview

The skill does what it claims, but it under-discloses two risks: recurring unattended generation scheduled through cron, and generation that runs on provider API credentials.

Review before installing. Verify the npm package and its publisher, prefer a version-pinned or sandboxed install, use provider API keys with limited scope and spend, and do not enable cron scheduling unless you explicitly want recurring unattended generation and know how to disable it. Have a human review all medical or healthcare content before it is published.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Severity: Low
Confidence: 86%
Finding
The skill documents use of `--save` to write generated articles to disk but does not clearly warn the agent or user that local files will be created. In an agent context, implicit file output can cause unintended persistence of sensitive or low-quality generated medical content, especially if run in shared workspaces or automated environments.

Missing User Warnings

Severity: Medium
Confidence: 92%
Finding
The skill recommends scheduling regular content generation via cron without warning about unattended API calls, external data retrieval, model usage, and file creation. In this healthcare-content context, automation increases the risk of repeated unauthorized network activity, cost accrual, and accumulation or publication of inaccurate medical content without human review.
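The checks the Overview's install advice and this finding call for, as an added shell example (not the skill's code and not part of the SkillSpector or VirusTotal output): compute the `sha512-...` integrity string npm records in `package-lock.json` for a tarball you fetched yourself, list crontab entries that would run the skill unattended, and emit a crontab with those entries removed. The npm package name `pubmed2blog`, the log path and the crontab lines are constructed assumptions for illustration.

```shell
#!/usr/bin/env sh
# Added example, not the skill's own code. Package name "pubmed2blog", the
# paths and the crontab below are constructed assumptions.
set -eu

# 1. Integrity of a locally fetched tarball (e.g. from `npm pack pubmed2blog@<ver>`),
#    in the "sha512-<base64>" form npm writes to package-lock.json. Compare the
#    result with `npm view pubmed2blog@<ver> dist.integrity` before installing with
#    `npm install --ignore-scripts pubmed2blog@<ver>` into a disposable --prefix.
sri_sha512() {
  printf 'sha512-%s' "$(openssl dgst -sha512 -binary "$1" | openssl base64 -A)"
}

# 2. Print crontab lines that run the named command unattended. Reads a crontab
#    on stdin (`crontab -l | skill_cron_entries pubmed2blog`), skips blank and
#    comment lines, and exits 1 when at least one entry was found.
skill_cron_entries() {
  pattern="$1"
  found=0
  while IFS= read -r line; do
    case "$line" in
      ''|\#*) continue ;;
    esac
    case "$line" in
      *"$pattern"*) printf '%s\n' "$line"; found=1 ;;
    esac
  done
  [ "$found" -eq 0 ]
}

# 3. Same crontab with the skill's entries dropped (comments are kept), to
#    disable recurring generation:
#    crontab -l | strip_skill_cron_entries pubmed2blog | crontab -
strip_skill_cron_entries() {
  pattern="$1"
  while IFS= read -r line; do
    case "$line" in
      \#*) printf '%s\n' "$line" ;;
      *"$pattern"*) ;;
      *) printf '%s\n' "$line" ;;
    esac
  done
}

# Constructed crontab for the demo; not captured from a real system.
DEMO_CRONTAB='# installed by the skill setup step
0 6 * * * pubmed2blog --query "statin myopathy" --save >> /var/log/pubmed2blog.log 2>&1
30 2 * * 0 /usr/local/bin/backup.sh'

if [ "${1:-}" = "demo" ]; then
  printf '%s\n' "$DEMO_CRONTAB" | skill_cron_entries pubmed2blog \
    || echo "unattended generation entries present; review before keeping them"
  echo "--- crontab with the skill's entries removed:"
  printf '%s\n' "$DEMO_CRONTAB" | strip_skill_cron_entries pubmed2blog
fi
```

Run it with `sh check.sh demo` to see both the flagged entry and the cleaned crontab; the functions themselves are meant to be sourced and pointed at `crontab -l` output and at the tarball you downloaded.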

VirusTotal

64/64 vendors flagged this skill as clean.
