Back to skill

Security audit

Print Failure Analyst

Security checks across malware telemetry and agentic risk

Overview

This skill is a local 3D-print troubleshooting helper whose logging and report-writing behavior is disclosed and fits its purpose.

Use this skill if you are comfortable keeping a local history of print failures. Avoid putting unrelated private details in failure descriptions or notes, and review any report output path before saving a report.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Low
Confidence
93% confidence
Finding
The skill explicitly maintains a personal failure log in `assets/failure-log.json` and can write reports to arbitrary files via `report.py --output`, but the user-facing description does not clearly disclose these persistence and file-write behaviors. This is dangerous because users may provide printer, material, and free-form notes assuming an ephemeral diagnostic interaction, when the skill can retain that data and create files on disk without prominent prior notice.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.