Back to skill

Security audit

Course

Security checks across malware telemetry and agentic risk

Overview

The skill is mostly a coherent course-management guide, but it gives unsafe automated student-onboarding and tracking guidance that should be reviewed before use.

Review this skill before using it with real students. Do not email passwords or reusable credentials; use one-time activation/password-set links instead. Confirm before creating or overwriting ~/courses/ files, and add privacy/consent, retention, and opt-out controls before tracking student activity or sending automated nudges.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Low
Confidence
93% confidence
Finding
The skill explicitly instructs creation and use of a persistent local directory tree under ~/courses/ and later says to create ~/courses/[name]/ on first use, but it provides no user warning, confirmation step, or scope limitation for filesystem modifications. While the intended behavior is ordinary workspace setup for course management, silent local writes can surprise users, overwrite existing content, or create privacy and data-retention issues if sensitive course materials are stored automatically.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The document explicitly instructs tracking student activity, assessment, support, and community-participation data and using that data to trigger automated outreach, but it provides no notice, consent, retention, or opt-out guidance. In a student-management context this creates privacy and compliance risk because implementers may deploy behavioral monitoring and automated messaging without transparency or appropriate controls.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
Sending login credentials by email is an unsafe authentication practice because email is often insecure, broadly accessible across devices, and easily forwarded or compromised. In this course platform context, automating credential delivery at enrollment increases the chance that passwords or initial secrets are exposed at scale, leading to account takeover or unauthorized access to student data.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal