Back to skill

Security audit

Data Format Converter

Security checks across malware telemetry and agentic risk

Overview

This is a local data-format converter with reliability issues, but its behavior is disclosed and there is no evidence of credential access, persistence, exfiltration, or destructive actions.

Install only if you are comfortable with a basic, unfinished converter. Test it with non-sensitive sample data first, especially YAML, XML, TOML, CSV quoting, and batch cases, and prefer a more complete tool for production or sensitive conversions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
86% confidence
Finding
The trigger phrase "格式转换" is broad enough to match many ordinary user requests about reformatting or converting content, which can cause unintended skill activation. In an agent system, overly generic triggers can route unrelated user data into the wrong skill, producing incorrect outputs or exposing data to unnecessary processing.

Vague Triggers

Medium
Confidence
82% confidence
Finding
The phrase "格式互转" is ambiguous because it does not clearly distinguish structured data conversion from other formatting tasks like document styling, text formatting, or UI layout changes. This ambiguity increases the chance of accidental invocation and misrouting within a broader agent ecosystem.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The trigger patterns are broad and overlap with ordinary user requests such as 'convert format' and 'csv to json', which can cause the skill to activate unintentionally. Overbroad activation increases the chance that the agent routes unrelated or sensitive user data into this skill unexpectedly, creating mis-execution and data-handling risk even though the implementation itself is not overtly malicious.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.