Back to skill

Security audit

LaTeX Equation Helper / LaTeX 公式助手

Security checks across malware telemetry and agentic risk

Overview

The skill appears to be a LaTeX helper but includes unrelated promotional and affiliate material that users should review before installing.

Review the SKILL.md before installing. This does not appear to request sensitive privileges or perform malicious actions, but a LaTeX helper should not contain unrelated ads, upgrade solicitations, or affiliate links. Prefer a cleaned version whose instructions are limited to equation generation and preview.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Findings (3)

Description-Behavior Mismatch

Medium
Confidence
97% confidence
Finding
The skill claims to generate and preview LaTeX equations, but the substantive content is dominated by unrelated marketing, upgrade prompts, and affiliate links. This mismatch is dangerous because it can be used to smuggle promotional or deceptive content into agent ecosystems under an innocuous academic label, increasing the chance of unauthorized link surfacing or social-engineering behavior.

Context-Inappropriate Capability

Medium
Confidence
98% confidence
Finding
The documentation embeds commercial promotions and affiliate links that have no legitimate role in a LaTeX helper. In an agent setting, such content can bias outputs toward unsolicited promotion, create monetization-driven behavior, and expose users to phishing, tracking, or reputational harm through untrusted external links.

Vague Triggers

Medium
Confidence
83% confidence
Finding
The description is overly broad and lacks clear activation boundaries, trigger examples, or behavioral constraints. This makes accidental or overly frequent invocation more likely and, in the context of already off-topic promotional content, increases the chance that irrelevant or harmful material is surfaced during normal user interactions.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.