Report Generator EN
Security checks across malware telemetry and agentic risk
Overview
The skill appears purpose-aligned: it fetches arXiv papers/search results and writes local research artifacts without evidence of hidden credential access, destructive behavior, or exfiltration.
Before installing, expect the skill to contact arXiv over HTTPS and create local PDFs, Markdown files, metadata, summaries, search results, and sync state. Use a dedicated output/root directory if you want to keep those generated files contained.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
60/60 vendors flagged this skill as clean.