Back to skill

Security audit

log-polish-enus-images

Security checks across malware telemetry and agentic risk

Overview

The skill does not show malware-like behavior, but its advertised blog-polishing function is materially unreliable because the workflow writes canned placeholder content instead of polishing the draft.

Install only if you are comfortable with a local draft reader/writer and you understand the current workflow may produce placeholder or incomplete blog content. Review generated Markdown carefully before publishing, and keep draftPath/outputDir pointed at non-sensitive locations.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Intent-Code Divergence

High
Confidence
98% confidence
Finding
The documented behavior promises faithful polishing, content preservation, and citation handling, but the implementation discards the source draft and emits canned placeholder text instead. This creates integrity and reliability risks: users may unknowingly publish fabricated or incomplete content while believing it reflects their original draft and required references.

Intent-Code Divergence

Medium
Confidence
94% confidence
Finding
The code generates generic numbered prompts based only on a section count, not the actual section headings or content as promised. This can mislead downstream users or tools into trusting prompts as content-aligned when they are generic placeholders, reducing output integrity but not directly exposing system security.

Intent-Code Divergence

Medium
Confidence
88% confidence
Finding
The manifest and documentation make strong guarantees about article length and section structure, but the workflow does not enforce them. This is primarily a spec/implementation mismatch that can cause unreliable outputs and broken downstream assumptions rather than a direct security compromise.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.