Spray Dryer

Security checks across malware telemetry and agentic risk

Overview

The skill is not obviously malicious, but it has a concrete product/category mismatch that could send users into the wrong CAD generation workflow.

Review carefully before installing. The skill does not show credential theft, local file access, or destructive behavior, but its catalog/category mismatch could generate the wrong CAD artifacts or production sheet. Install only if you can verify that category_id=8 and the listed products are actually the intended spray-dryer workflow on jixietools.com.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Description-Behavior Mismatch

Medium

Confidence: 95% confidence
Finding: The skill advertises spray-dryer CAD generation, but the documented workflow calls generic product/configuration APIs and even shows example parameter names consistent with gearboxes rather than spray dryers. This mismatch can mislead users into submitting data to the wrong workflow or generating incorrect manufacturing artifacts, which is a genuine integrity and trust issue in an automation skill.

Intent-Code Divergence

Medium

Confidence: 98% confidence
Finding: The documentation states one spray-dryer category ID but the actual request uses another category ID, creating an internal contradiction in how products are selected. This can route users into the wrong catalog and produce unintended designs or orders, especially because the rest of the flow depends on category/product identity being correct.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal