Styrene

Security checks across malware telemetry and agentic risk

Overview

This skill is not malware, but its advertised styrene-distillation CAD purpose does not match the mechanical parts API workflow it would run on an external site.

Install only if you intentionally want an agent to use jixietools.com to create and monitor guest mechanical CAD production sheets. Do not treat it as a reliable styrene-distillation process-drawing skill unless the publisher fixes the naming, category IDs, product examples, and explicit consent steps for remote API use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Intent-Code Divergence

High
Confidence: 98%
Finding
The skill is presented as a styrene distillation CAD generator, but the workflow actually targets a mechanical parts platform and gear/transmission product flows. This mismatch can mislead users and downstream agents into sending unrelated data to an external service, creating a strong deceptive-behavior risk and undermining informed consent.

Description-Behavior Mismatch

High
Confidence: 99%
Finding
The skill claims to generate styrene distillation CAD drawings, but the instructions direct the agent to access jixietools.com APIs, create guest production sheets, and poll remote job state for mechanical products. This is dangerous because users may authorize one task while the agent performs a materially different external operation, including remote resource creation and data transmission.

Vague Triggers

Medium
Confidence: 74%
Finding
The trigger set includes broad phrases such as 'styrene' and generic requests to 'make one', which can cause accidental activation outside the intended context. In this skill, misfire is more dangerous because activation can lead to external API calls and guest job creation without a clear domain match.

Missing User Warnings

Medium
Confidence: 96%
Finding
The skill instructs the agent to create a remote production sheet and automatically poll it every 5 seconds, but it does not require explicit user warning or consent for these external side effects. This can surprise users, create unwanted remote records, and generate unnecessary traffic or privacy exposure.

VirusTotal

64/64 vendors flagged this skill as clean.
