Back to skill

Security audit

introduction-language-flow-reviser

Security checks across malware telemetry and agentic risk

Overview

This academic writing skill is coherent and only creates clearly described Markdown output files, with no hidden code, credential use, or external access.

Install this if you want a file-producing academic revision workflow. Before using it on sensitive or unpublished manuscript text, ask the agent to confirm exact output paths and avoid overwriting existing files, or request inline output instead of saved files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill directs the agent to automatically save two Markdown files to disk, including path behavior based on the input source, without requiring explicit user consent or warning. This can cause unintended file creation or overwriting in the working directory or adjacent to user files, which is risky in agent environments where file writes are sensitive side effects.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.