Distillation

Security checks across malware telemetry and agentic risk

Overview

This appears to be a disclosed CAD-generation helper with documentation inconsistencies, not evidence of hidden or harmful behavior.

Install only if you are comfortable sending distillation-tower design inputs to the skill's external CAD service. Before submitting parameters or creating a production sheet, confirm that the product list and category ID match distillation towers rather than another mechanical product category.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Description-Behavior Mismatch

Medium
90% confidence
Finding
The skill’s stated purpose is distillation-tower CAD generation, but the workflow and examples reference generic mechanical products such as gears and production-sheet APIs with inconsistent category usage. This mismatch can mislead users into sending requests and design inputs to an unintended backend flow, increasing the risk of incorrect processing, data leakage to the wrong service path, and unsafe automation decisions.

Intent-Code Divergence

Medium
93% confidence
Finding
The document declares one distillation-tower category ID in the metadata section but later instructs the agent to query a different category ID. This internal contradiction can cause the agent to retrieve and operate on the wrong product set, creating integrity issues and potentially exposing or transmitting user inputs to unintended endpoints.

VirusTotal

64/64 vendors flagged this skill as clean.
