Back to skill

Security audit

Chatmosp Parameter Builder

Security checks across malware telemetry and agentic risk

Overview

This is a narrow ChatMOSP parameter-building skill with some confusing language-routing text, but no evidence of malware, data theft, persistence, or hidden system access.

Reasonable to install for ChatMOSP workflows. Before relying on it, clarify the language-routing comments and tighten the trigger wording so the skill only runs for confirmed MSR/KMC parameter-building tasks.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Intent-Code Divergence

Medium
Confidence
92% confidence
Finding
The language-routing block is contradictory: it says English users should read `SKILL_cn.md` while Chinese users should continue using `SKILL.md`, but this file itself is labeled `SKILL_cn.md` and later file structure labels differ. In an agent system, contradictory authoritative-source rules can cause the model to load or prioritize the wrong instruction file, producing unintended behavior or bypassing expected safeguards.

Vague Triggers

Medium
Confidence
87% confidence
Finding
The trigger conditions are broad and underspecified, causing the skill to activate for loosely defined situations such as whenever parameters 'need to be built or adjusted.' In an agentic system, ambiguous routing can lead to unintended invocation, parameter mutation, or interference with other skills, especially because this skill sits before execution and can influence downstream calculations.

Vague Triggers

Medium
Confidence
76% confidence
Finding
The activation criteria are broad enough to trigger on many ordinary parameter-related interactions, not just narrowly scoped simulation-setup tasks. Over-broad activation increases the chance this skill overrides a more appropriate skill or captures user inputs unexpectedly, which can lead to incorrect tool use, parameter changes, or unintended workflow execution.

Natural-Language Policy Violations

Medium
Confidence
94% confidence
Finding
The routing instructions are internally inconsistent and force behavior based on language detection rather than a stable trust model. This creates instruction-selection ambiguity and can be exploited indirectly by causing the assistant to switch to a different file path or instruction set, weakening predictability and potentially bypassing intended constraints.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.