Back to skill

Security audit

Review Common Core

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed shared review-reference package with small local JSON validation helpers and no evidence of hidden, networked, persistent, or destructive behavior.

Installers should understand that this is mostly shared review documentation plus two optional local validation scripts. Review the scripts before using them on sensitive drafts, and pass only the intended checklist JSON files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Tp4

High
Category
MCP Tool Poisoning
Confidence
84% confidence
Finding
The file describes the skill as a non-standalone shared review engine, but the package apparently also includes runnable validation scripts that can read local JSON/stdin, emit reports, and signal results via exit codes. This mismatch is dangerous because operators may trust the skill as passive reference material while it actually contains active tooling behavior, weakening review and permission decisions.

VirusTotal

56/56 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.