Security audit

Advisor Finder

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only academic advisor research helper that uses public web evidence and does not request privileged access or execution.

Safe to install as a public academic research aid. Expect it to browse public university and publication sources, rank real faculty, and include public contact details when available; verify affiliations, recent papers, and emails before using the results for outreach, and be aware it may answer in Chinese unless overridden.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Natural-Language Policy Violations

Medium

Confidence: 90% confidence
Finding: The skill unconditionally forces output in Chinese regardless of the user's language preference. This can override user intent, reduce transparency of the model's reasoning to the user, and create opportunities for confusion or misdelivery in multilingual settings, though it is not directly enabling code execution or data exfiltration.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal