Back to skill

Security audit

Chatmosp Kmc Simulator

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed KMC simulator workflow that runs local simulation software through Wine, with minor documentation issues but no hidden data access or destructive behavior in the artifacts.

Before installing, confirm you trust the external mosp-for-chatMOSP engine and only run the Wine installation commands if you are comfortable changing system packages. The publisher should fix the SKILL.md/SKILL_cn.md language-routing labels to avoid confusion.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Intent-Code Divergence

Medium
Confidence
96% confidence
Finding
The language-routing block tells the agent that if the user writes in English it should read `SKILL_cn.md`, while the Chinese text simultaneously says this current file should continue as `SKILL.md`. This contradiction can cause the agent to load or prioritize the wrong instruction source, creating instruction confusion and making it easier for adversarial content in one file to override or bypass the intended policy flow.

Intent-Code Divergence

Medium
Confidence
93% confidence
Finding
The file structure section states `SKILL.md` is the current Chinese file and `SKILL_cn.md` is the English version, which conflicts with the actual analyzed filename and earlier routing text. Such inconsistencies increase the chance an agent will ingest the wrong document or treat attacker-controlled alternate content as authoritative, undermining safe skill execution and reviewability.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The skill contains direct shell instructions to create directories, copy files, install packages, and execute an external simulation engine through Python and Wine, but it does not clearly frame these as filesystem-modifying and code-executing operations requiring explicit user awareness and authorization. In an agent setting, that increases the risk of unintended local changes, dependency installation, or running untrusted binaries if the surrounding system executes skill instructions too automatically.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.