arXiv Paper Digest

Security checks across malware telemetry and agentic risk

Overview

This skill fetches public AI paper metadata from HuggingFace and formats digests, with no evidence of credential access, exfiltration, destructive behavior, or hidden execution.

Install if you want a lightweight Python paper digest that contacts HuggingFace for public research metadata. Be aware that some documented features appear aspirational or manual, especially local history, arXiv-source fetching, cron delivery, and QQ/Notion push setup; review any separate scheduler or delivery configuration before enabling it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Severity: Medium (82% confidence)

Finding:
The trigger terms are broad enough to cause unintended invocation on generic topics like 'papers', 'trending', or 'research news'. In an agent environment, overbroad activation can route unrelated user requests into a network-enabled skill that reads/writes local history, increasing the chance of unintended external requests or file modifications without clear user intent.

Missing User Warnings

Severity: Low (88% confidence)

Finding:
The skill does modify local files for deduplication/history tracking, but that side effect is not clearly surfaced to users in the main description and usage guidance. Hidden persistence is a security concern because users may not realize the skill stores data locally across runs, which can affect privacy, auditing, and trust in agent behavior.

VirusTotal

66/66 vendors flagged this skill as clean.