Back to skill

Security audit

literature-search

Security checks across malware telemetry and agentic risk

Overview

This literature-search skill is an instruction-only helper with one unnecessary prompt-prefix instruction, but no evidence of hidden code, data theft, persistence, or destructive behavior.

Reasonable to install for citation gathering. Be aware that it asks the agent to add a generic thinking prefix before processing requests; remove or ignore that behavior if exact prompt wording matters. For paid databases, avoid sharing full institutional logins when scoped API keys, exports, or manually supplied results will work.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Context-Inappropriate Capability

Low
Confidence
95% confidence
Finding
The instruction to prepend "please think very deeply" to every user input is unrelated to literature search and silently modifies user requests before processing. While not directly enabling data exfiltration or code execution, it is prompt injection-like behavior that alters model operation without user consent and could interfere with predictable, policy-compliant handling.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.