
Security audit

Academic Deep Research

Security checks across malware telemetry and agentic risk

Overview

This is a documented research workflow skill, not executable code, with broad activation language and automated research cycles that users should scope before use.

Install only if you want an expansive research workflow. For sensitive topics, explicitly limit web use, disable memory or parallel sessions if not needed, and require the agent to pause before executing each theme or source batch.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Vague Triggers

Medium
Confidence: 88%
Finding: The README advertises generic natural-language triggers such as asking for "deep research on..." or "exhaustive analysis of...", which are broad enough to match ordinary user requests and may cause the skill to auto-activate unexpectedly. In an agent environment, ambiguous invocation increases the risk of unintended tool use, scope expansion, and routing sensitive or unrelated queries into a high-autonomy research workflow.

Vague Triggers

Medium
Confidence: 92%
Finding: The trigger guidance uses very broad, everyday phrases such as requests for exhaustive analysis or 'tell me everything about X,' which can cause the skill to activate in situations the user did not specifically intend. In a skill that drives extensive web research and parallel sub-agent spawning, unintended invocation can increase cost, latency, and data exposure to external sources, making this more than a purely UX issue.

Vague Triggers

Medium
Confidence: 89%
Finding: The invocation guidance includes broad natural-language phrases such as mentioning "deep research" or "exhaustive analysis," which can overlap with ordinary user conversation rather than an explicit command. This raises the risk of unintended activation, causing the agent to enter a powerful, tool-using research workflow without clear user intent, potentially leading to unnecessary external requests, higher cost, or disclosure of contextual data to integrated tools.

Autonomous Decision Making

Medium
Category: Excessive Agency
Content:
    ---
    ## Phase 3: Research Cycles (Auto-Execute)
    ### Theme 1: Market Landscape — Cycle 1
Confidence: 84%
Finding: Auto-Execute

VirusTotal

66/66 vendors flagged this skill as clean.
