
Security audit

Publish Art Tutor

Security checks across malware telemetry and agentic risk

Overview

This art tutor skill is coherent and read-only, but it can list filenames inside the art library folder you configure.

Install this only if you are comfortable letting the agent list filenames and sizes in the configured art knowledge-base folder. Point knowledge_base_path at a dedicated art-books directory, not a broad personal or system folder.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Description-Behavior Mismatch

Severity: Medium
Confidence: 92%
Finding
The skill is presented as a knowledge-base assistant, but it instructs the agent to operate directly on a user-configured filesystem path and to recurse through it. If the configured path is broader than intended, this can expose unrelated local files and metadata, turning a simple tutoring workflow into arbitrary local file enumeration.

Context-Inappropriate Capability

Severity: Medium
Confidence: 95%
Finding
The skill explicitly tells the agent to use generic `exec` for file discovery. Even though the examples are read-oriented PowerShell commands, granting or encouraging shell execution is broader than necessary for an art tutor and increases the risk of command misuse, parameter injection, or expansion into more sensitive local operations.

VirusTotal

66/66 vendors flagged this skill as clean.
