Security audit

Math Expression

Security checks across malware telemetry and agentic risk

Overview

This is a local Wolfram math-evaluation skill with disclosed dependencies and a safety check enabled by default; its optional unsafe mode (--allow-unsafe) removes that check and should be avoided.

Install only if you trust the local WolframKernel and the source of the Python dependency. Use it for math-only expressions, keep the default guard enabled, and never pass --allow-unsafe with untrusted input or outside an isolated environment.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Context-Inappropriate Capability

Severity: Medium
Confidence: 96%
Finding
The --allow-unsafe flag explicitly permits evaluation of Wolfram expressions containing filesystem, network, and process-control primitives. In a skill advertised as a math-expression evaluator, this is a capability escalation path from pure computation to arbitrary side-effecting operations: if an attacker can influence the arguments, the flag enables file access, outbound requests, or command execution.

Description-Behavior Mismatch

Severity: High
Confidence: 98%
Finding
The implementation directly evaluates user-supplied Wolfram Language code via wlexpr(args.expr), and when --allow-unsafe is enabled the only safety gate, a check on the symbols appearing in the expression, is bypassed. Because Wolfram Language includes primitives for file I/O, networking, and process execution, this turns a math tool into a general code-execution surface with real side effects.

VirusTotal

66/66 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.