Back to skill

Security audit

WMU志愿时长收集器

Security checks across malware telemetry and agentic risk

Overview

This looks like a legitimate spreadsheet helper, but its local file access and unnecessary network use are broader than the stated volunteer-hours workflow needs.

Install only if you are comfortable giving the skill access to the target spreadsheet folder. Use a dedicated directory, keep backups of original files, deny network access unless there is a clearly explained reason, and look for a dry-run or file preview before allowing writes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
85% confidence
Finding
The skill performs file reads and writes across a user-specified working directory but does not declare permissions or otherwise constrain that access. This creates a mismatch between stated trust boundaries and actual behavior, increasing the risk of unintended file access, overwrites, or processing of unrelated local spreadsheets if the skill is invoked in the wrong directory.

Context-Inappropriate Capability

Medium
Confidence
91% confidence
Finding
The instruction to use webfetch/network access to determine the current year is unnecessary for a local spreadsheet aggregation task and expands the skill's privilege surface without need. Unnecessary network use can leak contextual data, introduce external dependency risk, and allow data flow outside the local environment for a task that should rely only on the local system date.

Vague Triggers

Medium
Confidence
72% confidence
Finding
The trigger conditions are broad enough to match many ordinary spreadsheet-cleanup or volunteer-summary requests, which can cause the skill to activate outside its intended context. In a skill that reads and writes local files, overbroad triggering increases the chance of accidental execution on unrelated datasets and unauthorized modification of user files.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.