
Security audit

Ai Readiness

Security checks across malware telemetry and agentic risk

Overview

This skill appears to do what it says: research a website and create AI-readiness files, with ordinary caution around web research and local file creation.

Install or run this only when you intentionally want an agent to research a target website and generate deployable AI-readiness files. Review the generated files before publishing them, especially robots.txt, policy text, schema, and any claims derived from web research.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (7)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 83%
Finding
The skill clearly instructs the agent to read references and write 18 files into the workspace, yet it declares no permissions. That creates a transparency and policy-enforcement gap: users and runtime controls may not realize the skill can modify the filesystem, increasing the chance of unexpected writes or misuse.

Context-Inappropriate Capability

Severity: Medium
Confidence: 79%
Finding
The skill includes an inline Python execution step, which expands capability from content generation into code execution. If output paths or inputs are not tightly controlled by the surrounding platform, this can become a vehicle for unintended command execution, unsafe file access, or bypassing normal safety controls.

Vague Triggers

Severity: Medium
Confidence: 89%
Finding
The README encourages triggering the skill from very broad natural-language phrases across multiple agents, which can cause accidental invocation when a user is only asking about AI search or crawler concepts rather than explicitly authorizing file generation. Because the skill can research external sites and write a full folder into the workspace, ambiguous triggers create a real risk of unintended actions.

Vague Triggers

Severity: Medium
Confidence: 91%
Finding
The usage examples normalize broad natural-language requests as sufficient authorization to run the skill, despite the skill performing multi-step research and writing many files. In an agent environment, this increases the chance that incidental or exploratory user text is interpreted as permission to execute side effects.

Missing User Warnings

Severity: Medium
Confidence: 94%
Finding
The README states that the skill will research a site and generate files in the workspace, but it does not clearly warn users that this may transmit target domains or related prompts to external services and will modify local files. Users may therefore invoke it without understanding the privacy and integrity implications of network access and workspace writes.

Vague Triggers

Severity: Medium
Confidence: 74%
Finding
The trigger conditions are broad enough to activate on many generic AI-related requests, not just an explicit command. Over-broad invocation can cause the agent to perform extensive research and write files when the user only wanted information, leading to unintended side effects and privilege use.

Missing User Warnings

Severity: Medium
Confidence: 88%
Finding
The skill is designed to write a substantial set of deployment-oriented files into the workspace but does not require a user-facing warning or confirmation before making those changes. This raises the risk of surprise filesystem modifications, clutter, overwriting existing content, or planting artifacts that users may deploy without careful review.

VirusTotal

64/64 vendors flagged this skill as clean.
