ArXiv Research
Security checks across malware telemetry and agentic risk
Overview
This skill does what it claims: it searches arXiv and downloads requested PDFs, with ordinary dependency and local-download considerations.
Safe for normal research use. Before installing, note that it depends on the external arxiv Python package and that download commands save PDFs under ~/Downloads/arxiv by default; review downloaded PDFs as you would any file from the internet.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
- Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
- Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
- Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.
