Back to skill

Security audit

Academic Deep Research

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed deep-research workflow skill that can use many web searches and helper sessions after approval, but its behavior matches its stated purpose and shows no hidden or destructive actions.

Install this if you want a heavyweight research assistant that may perform many searches, fetch pages, consult prior memory, and spawn parallel research helpers after you approve a plan. Review the plan before approving, and avoid giving it secrets, private documents, or sensitive internal topics unless that external research and memory use is acceptable.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Vague Triggers

Medium
Confidence
92% confidence
Finding
The README advertises very broad invocation phrases such as asking for "deep research on..." or "exhaustive analysis of...", which can cause the skill to be selected for generic user requests beyond its intended scope. In an agent ecosystem, this increases the chance of unintended activation, over-privileged tool use, and prompt-routing conflicts, especially because the skill performs autonomous web_search/web_fetch activity once engaged.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The trigger guidance is broad enough to match common user phrases such as 'deep research,' 'exhaustive analysis,' or 'tell me everything about X,' which can cause the skill to activate in situations the user may not have intended. In this skill, unintended invocation is more concerning because activation leads to a high-cost, multi-phase workflow with web access and possible parallel session spawning, increasing the chance of unnecessary external requests, resource consumption, and unexpected data handling.

Vague Triggers

Medium
Confidence
89% confidence
Finding
The invocation guidance includes broad natural-language triggers like mentioning "deep research" or "exhaustive analysis," which can cause the skill to activate during ordinary conversation rather than through an explicit command. In a skill that performs automated multi-step web research, accidental invocation can trigger unnecessary external tool use, increased cost, unintended data handling, and workflow hijacking away from the user’s immediate intent.

Autonomous Decision Making

Medium
Category
Excessive Agency
Content
---

## Phase 3: Research Cycles (Auto-Execute)

### Theme 1: Market Landscape — Cycle 1
Confidence
84% confidence
Finding
Auto-Execute

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.