Official doc generator

Security checks across malware telemetry and agentic risk

Overview

This is a coherent local document-generation skill with normal caveats around local file writes, templates, dependencies, and revision metadata.

Install this only if you are comfortable running local Python document-processing scripts and their dependencies. For confidential official or business documents, use a controlled output folder, disable enhanced revision history with --no-history when appropriate, and review local data/history/template files before sharing or archiving the workspace.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (4)

Context-Inappropriate Capability

Medium (83% confidence)
Finding
Periodic network updates for the sensitive-word library introduce outbound connectivity and remote content ingestion into a skill whose primary function is local document generation. This increases supply-chain and privacy risk, because remote sources could influence filtering behavior or receive metadata about usage patterns if networking is not tightly controlled.

Intent-Code Divergence

Medium (81% confidence)
Finding
The documentation says the skill must ask the user for an output directory, but it also states it will automatically create directories and shows direct write examples that bypass the confirmation flow. This inconsistency can lead to unsafe assumptions in implementation, causing files or directories to be created without sufficiently explicit user consent.

Vague Triggers

Medium (87% confidence)
Finding
The trigger conditions are written very broadly ('when users need formal documents', 'when standard formatting is needed', etc.), which can cause the skill to activate in situations beyond its intended scope. In a document-generation skill, overbroad invocation increases the risk of producing authoritative-looking political/organizational content without clear user intent or proper safeguards, especially when combined with compliance and style claims.

Missing User Warnings

Medium (93% confidence)
Finding
The script automatically creates a persistent revision-history directory and later stores document paths, author names, timestamps, metadata, and content-derived hashes to disk without any consent, notice, retention policy, or access-control handling. In the context of official-document generation, these records may contain sensitive organizational metadata and create an unintended audit trail that can leak confidential workflow information if the host is shared or backups are accessible.

VirusTotal

66/66 vendors flagged this skill as clean.