Legal/TOS Diff-er

Security checks across malware telemetry and agentic risk

Overview

This skill does what it advertises: it fetches legal pages, saves local snapshots, and compares them, with a disclosed remove command that should be used carefully.

Use this for public legal documents or documents you are comfortable storing locally. Set TOS_DATA_DIR to a dedicated folder, back up snapshots you care about before using remove_url, and review generated legal-change analyses with the understanding that fetched webpage text is untrusted input.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 81% confidence
Finding: The skill advertises that remove_url deletes tracked URLs and their snapshots, but the interface provides no warning, confirmation, or recovery mechanism. This makes accidental or induced deletion of historical legal snapshots plausible, which can destroy audit history and evidence needed to prove meaningful Terms of Service changes over time.

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: The `remove` command deletes all data associated with a user-supplied URL immediately, without any confirmation prompt, dry-run mode, or safeguard against accidental invocation. In this skill, removal affects stored legal snapshots and tracking metadata, so a mistaken or automated call can irreversibly erase historical evidence needed for change tracking or audit purposes.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal