Security audit

Academic Composer Upload

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed academic-writing helper with broad activation phrases, but its permissions and scripts match its stated source-search and local style-analysis purpose.

Install only if you want an academic research and drafting workflow. Review source selections and citations yourself, do not submit AI-generated work as your own, and remember that search terms go to Semantic Scholar while essay content may be processed by your configured LLM provider.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (5)

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The skill advertises activation for very broad, common academic-writing requests such as writing essays, converting outlines into full essays, and handling citations. Even though it includes an academic integrity notice, the invocation scope is still wide enough to facilitate ghostwriting or policy-violating coursework assistance, especially because the workflow explicitly expands outlines into complete cited essays.

Vague Triggers

Medium

Confidence: 90% confidence
Finding: The activation text is broad enough to trigger on many ordinary academic-help requests, causing this skill to activate in contexts beyond a narrowly intended scope. Because the skill has both shell and network permissions and can initiate source searches and local script execution, unintended invocation increases the chance of unnecessary tool use, data exposure to external services, and academic-integrity-sensitive assistance being offered when the user did not explicitly request this workflow.

Vague Triggers

Medium

Confidence: 94% confidence
Finding: The trigger list contains many generic phrases such as 'write essay,' 'research paper,' 'academic writing,' and citation-related terms that are likely to appear in routine conversations. This can cause accidental invocation of a privileged skill, leading the agent to steer users into a workflow that uses networked source lookup and shell-executed scripts even when the request was broad, ambiguous, or could have been handled without privileged capabilities.

Vague Triggers

Medium

Confidence: 93% confidence
Finding: The trigger list contains many generic phrases such as 'write essay', 'research paper', and 'source search' that are common user requests rather than narrowly scoped activation cues. This can cause the skill to activate unintentionally across a broad range of ordinary conversations, increasing the chance of inappropriate routing, prompt interference, or accidental invocation of behavior the user did not intend.

Vague Triggers

Medium

Confidence: 91% confidence
Finding: The Chinese trigger phrases are similarly broad, including common academic-writing requests like '写论文', '文献搜索', and '学术写作', without any limiting context. Because these phrases are likely to appear in normal multilingual usage, the skill may be invoked too aggressively for Chinese-speaking users, creating the same unintended activation and routing risks at scale.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal