Back to skill

Security audit

Print Failure Analyst

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent 3D-print troubleshooting helper that stores only user-requested local failure logs and reports.

Installers should know that logged failures may include printer names, materials, slicer settings, descriptions, fixes, and notes stored locally in assets/failure-log.json, plus any saved report files. Avoid entering sensitive personal or business details unless local retention is acceptable, and delete or redact the log/reports if they are no longer needed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill explicitly maintains a personal failure log in a local JSON file and can generate saved markdown reports, but it does not instruct the agent to obtain informed user consent or warn that data will persist on disk. Even though the data appears operational rather than highly sensitive, printer names, materials, notes, and free-form descriptions may contain personal or environment-specific information that can accumulate over time and be exposed to other local users, later tools, or backups.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.