Security audit

js2java

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only JS-to-Java teaching skill with no installer or runtime access, though its generated backend examples need security review before real use.

This skill is low risk to install because it is documentation-only and does not run code or access private data. Use its output as scaffolding: before deploying generated Spring Boot code, review authentication, password hashing, authorization, validation, exposed endpoints, persistence models, and production configuration.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Missing User Warnings

Medium
Confidence: 97%
Finding
The README includes login/registration examples that query by raw password and store passwords directly, while only briefly noting that encryption should be used in real projects. Because the skill is designed to generate runnable Spring Boot code, users may copy insecure credential-handling patterns into real systems, leading to plaintext password storage, weak authentication design, and compromise of user accounts if the database is leaked.

Vague Triggers

Medium
Confidence: 88%
Finding
The skill is configured to trigger on essentially any pasted JavaScript code or natural-language Java request, without meaningful boundary checks. Over-broad activation can cause the agent to invoke this skill in unrelated contexts and generate full backend scaffolding, increasing the chance of unintended code generation, unsafe transformations, or privilege-crossing actions in larger workflows.

Vague Triggers

Medium
Confidence: 84%
Finding
The sample trigger phrases are broad everyday help requests that can overlap with normal conversation, making accidental invocation more likely. In an agent environment, this can redirect benign chats into automatic code-generation behavior and produce unnecessary or unsafe artifacts the user did not clearly request.

Missing User Warnings

Medium
Confidence: 93%
Finding
The skill instructs the agent to generate complete Spring Boot layers, including repositories, entities, and REST endpoints, without warning that this may create executable backend interfaces or persistence models. That can materially expand the operational footprint of the output and lead users to deploy code exposing new attack surfaces, such as unauthenticated CRUD endpoints or unsafe data models, without sufficient review.

Natural-Language Policy Violations

Medium
Confidence: 96%
Finding
The prompt is written entirely in Chinese and instructs the assistant to operate in that language flow without offering any user-language detection, fallback, or opt-in. This can exclude users who do not read Chinese, cause misunderstandings in code/security-sensitive explanations, and reduce informed user control over how outputs are presented.

VirusTotal

66/66 vendors flagged this skill as clean.
