Veterinary Science

Security checks across malware telemetry and agentic risk

Overview

This appears to be a coherent veterinary career-roadmap skill, but users should be aware it sends personal assessment-style inputs to an external API.

Install only if you are comfortable sending veterinary career assessment inputs and related session metadata to the skill's external service. Avoid entering sensitive personal details unless needed, and prefer explicit prompts such as requesting a veterinary career roadmap or specialization plan.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Missing User Warnings

Medium

Confidence: 88% confidence
Finding: The skill explicitly collects assessment data, session identifiers, timestamps, and optional user IDs, but provides no privacy notice, retention policy, lawful-use statement, or data-handling constraints. In a career-guidance context this can expose personal profiling data to unnecessary collection, tracking, or secondary use without informed consent, increasing privacy and compliance risk.

Vague Triggers

Low

Confidence: 89% confidence
Finding: The POST operation description, "Generate personalized Veterinary Science roadmap," is too generic to clearly constrain when an agent should invoke the skill. Broad trigger language can cause over-invocation on loosely related user requests, increasing unnecessary data sharing such as session identifiers, timestamps, and assessment data to the external API.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal