text-transformer

Security checks across malware telemetry and agentic risk

Overview

This is a simple uppercase text tool that discloses local Python execution and shows no hidden data access, persistence, or destructive behavior.

Install only if you are comfortable with the agent running this included local Python script for text transformations. Do not pass secrets or sensitive text unless you intend it to be processed and displayed back, and prefer clients that pass the text as a structured argument rather than building a raw shell command.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Behavioral AST: exec() Call, eval() Call, Dynamic Import
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Vague Triggers

Medium (90% confidence)
Finding
The trigger condition is broad enough that the skill may activate on generic requests to 'process text,' which can cause unintended execution of the associated tool flow. In this skill, unintended invocation matters because activation leads directly to subprocess execution with user-derived input, increasing the chance of unsafe or surprising behavior.

Missing User Warnings

Medium (96% confidence)
Finding
The skill explicitly instructs the agent to invoke a command-line Python script using text extracted from user input, but provides no warning, sanitization guidance, or safe argument-handling requirements. Because the command example interpolates user-controlled text into a shell command, this creates a plausible command-injection and unsafe subprocess-execution risk if implemented through a shell-capable tool.

VirusTotal

66/66 vendors flagged this skill as clean.
