Academic Paper Summarizer

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward academic paper summarizer that saves local summary and prompt files, with no evidence of hidden execution or data theft.

Safe to install for ordinary academic summarization. Avoid using confidential unpublished work, private reviewer notes, or proprietary research context unless you are comfortable with those details being saved in local summary and prompt files; review or delete those files when they are no longer needed.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Low

Confidence: 89% confidence
Finding: The skill explicitly states that it writes summaries and prompt records to local files, but it does not warn users that running the skill will create persistent artifacts on disk. This can expose sensitive research inputs, prompts, or proprietary paper-analysis context to unintended local disclosure, especially in shared or multi-user environments. The context makes this somewhat more concerning because prompt tracking may store full prompts containing user-provided data, not just final summaries.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal