summarizer for school

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate file-processing helper, but its activation phrases and tool authority are broad enough that users should review it before installing.

Install only if you want a broad, autonomous document and file-processing skill. Use it with explicit attachments or paths, avoid giving it sensitive archives or credential-containing files unless necessary, and review any generated output files before sharing them. I did not find artifact-backed evidence of deception, exfiltration, or destructive behavior.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (3)

Vague Triggers

High

Confidence: 96% confidence
Finding: The top-level description embeds very broad trigger phrases such as 'summarize this', 'read this', and 'process this file', which are common user utterances that can unintentionally activate the skill. Because this skill has broad file access, writing, editing, code-execution, and web-capable tooling, unintended activation can route ordinary requests into a higher-risk capability set than the user expected.

Vague Triggers

High

Confidence: 98% confidence
Finding: The auto-activation list contains many ambiguous phrases without scope constraints, including generic prompts like 'read this', 'parse this', 'convert to', and 'what's in this file'. In context, this is especially risky because the skill is highly privileged and multifunctional, so accidental invocation could trigger archive extraction, file writing, or network-enabled enrichment in response to everyday language.

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: The manifest exposes `write_file` and `edit_file`, but the user-facing description does not clearly warn that the skill may create or modify output files as part of processing. This weakens informed consent and can mislead users into invoking a skill they believe is read-only, increasing the chance of unexpected side effects or unintended persistence of processed sensitive data.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal