Security audit

AI Content Collector

Security checks across malware telemetry and agentic risk

Overview

This skill is a public-news collection workflow that creates spreadsheet reports, with no evidence of hidden data access, persistence, exfiltration, or destructive behavior.

Install only if you want a Chinese-source-prioritized AI and automotive news collector that performs fresh web searches and writes report files. Review agent permissions for Bash/Read/Write, and do not run the optional helper-skill install commands or configure related API keys unless you trust those separate skills and need their scraping capabilities.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Intent-Code Divergence

Severity: Medium
Confidence: 90%

Finding: The skill first instructs the agent to stop execution if openpyxl is missing, but later provides a fallback path that generates CSV without openpyxl. Conflicting dependency-handling rules can cause unpredictable behavior, policy bypass, or partial execution paths where validation and output guarantees no longer match the advertised controls.

Vague Triggers

Severity: Medium
Confidence: 86%

Finding: The description/trigger scope is broad enough to match generic requests about collecting news, scanning information, or organizing materials into Excel. Overly broad activation can cause the skill to run in contexts the user did not explicitly intend, increasing the chance of unnecessary web access, file creation, and tool usage.

Natural-Language Policy Violations

Severity: Medium
Confidence: 83%

Finding: The skill hard-codes a Chinese-language sourcing preference and forbids fallback to predominantly English sources without asking the user. This can override user intent, bias source selection, and reduce relevance or completeness for users who did not request Chinese-only or China-prioritized coverage.

VirusTotal

66/66 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.