Security audit

arXiv Search Master

Security checks across malware telemetry and agentic risk

Overview

This is a mostly coherent arXiv research tool, but batch input can choose output file paths outside the intended folder, so users should review it before installing.

Install in an isolated virtual environment, avoid using --no-verify-ssl, and prefer pinned dependencies or a lockfile. Only run batch JSONL files you trust, or inspect the 'name' fields first to ensure they do not contain absolute paths, slashes, or '..' traversal. Treat downloaded PDFs as untrusted documents.

SkillSpector

By NVIDIA

Vulnerability Patterns

Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (12)

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The skill explicitly documents a --no-verify-ssl option without warning users about the security consequences. Disabling TLS certificate validation enables man-in-the-middle attacks and tampering with downloaded PDFs or metadata, which is especially risky for a network-facing paper retrieval tool.

Unpinned Dependencies

Low

Category: Supply Chain
Content: # arXiv Search Skill Dependencies # 核心 arXiv API arxiv>=1.4.8 # HTTP 请求 requests>=2.28.0
Confidence: 95% confidence
Finding: arxiv>=1.4.8

Unpinned Dependencies

Low

Category: Supply Chain
Content: arxiv>=1.4.8 # HTTP 请求 requests>=2.28.0 urllib3>=1.26.0 # 数据处理
Confidence: 97% confidence
Finding: requests>=2.28.0

Unpinned Dependencies

Low

Category: Supply Chain
Content: # HTTP 请求 requests>=2.28.0 urllib3>=1.26.0 # 数据处理 pandas>=1.5.0
Confidence: 97% confidence
Finding: urllib3>=1.26.0

Unpinned Dependencies

Low

Category: Supply Chain
Content: urllib3>=1.26.0 # 数据处理 pandas>=1.5.0 numpy>=1.23.0 # YAML 配置
Confidence: 93% confidence
Finding: pandas>=1.5.0

Unpinned Dependencies

Low

Category: Supply Chain
Content: # 数据处理 pandas>=1.5.0 numpy>=1.23.0 # YAML 配置 PyYAML>=6.0
Confidence: 93% confidence
Finding: numpy>=1.23.0

Unpinned Dependencies

Low

Category: Supply Chain
Content: numpy>=1.23.0 # YAML 配置 PyYAML>=6.0 # 并行处理 tqdm>=4.64.0
Confidence: 96% confidence
Finding: PyYAML>=6.0

Unpinned Dependencies

Low

Category: Supply Chain
Content: PyYAML>=6.0 # 并行处理 tqdm>=4.64.0 # PDF 处理 PyPDF2>=3.0.0
Confidence: 90% confidence
Finding: tqdm>=4.64.0

Unpinned Dependencies

Low

Category: Supply Chain
Content: tqdm>=4.64.0 # PDF 处理 PyPDF2>=3.0.0 pdfminer.six>=20221105 # 日期处理
Confidence: 97% confidence
Finding: PyPDF2>=3.0.0

Unpinned Dependencies

Low

Category: Supply Chain
Content: pdfminer.six>=20221105 # 日期处理 python-dateutil>=2.8.0 # 日志 colorlog>=6.7.0
Confidence: 88% confidence
Finding: python-dateutil>=2.8.0

Unpinned Dependencies

Low

Category: Supply Chain
Content: python-dateutil>=2.8.0 # 日志 colorlog>=6.7.0 # 命令行界面 click>=8.1.0
Confidence: 87% confidence
Finding: colorlog>=6.7.0

Unpinned Dependencies

Low

Category: Supply Chain
Content: colorlog>=6.7.0 # 命令行界面 click>=8.1.0 # 可选 - 用于总结功能 (需要额外配置) # openai>=1.0.0
Confidence: 90% confidence
Finding: click>=8.1.0

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.