paper-check

Security checks across malware telemetry and agentic risk

Overview

This skill locally checks and reformats thesis documents, and its file writes and reports match that stated purpose.

Use this on copies of important thesis files, choose a separate output path for repaired documents, and keep generated reports private because they can include thesis excerpts and metadata. Review all formatting changes before submitting academic work.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 91% confidence
Finding: The README advertises automatic format repair and one-click fixes but does not clearly warn users that their original thesis documents may be modified. In a document-editing skill, this can lead to unintended overwrites, loss of user work, or silent alteration of important academic content if users assume the tool is analysis-only.

Missing User Warnings

Medium

Confidence: 88% confidence
Finding: The script generates a detailed plaintext report that includes paragraph text previews, headers/footers, table cell contents, image context, and other document metadata, then writes it to an arbitrary output path without any privacy warning, minimization, or redaction. In the context of thesis documents, this can expose personally identifiable information, unpublished research content, or confidential academic material if the report is stored insecurely, shared, or written to a sensitive location.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal