Ready Tools On Sciminer

Security checks across malware telemetry and agentic risk

Overview

This skill is mostly coherent for calling SciMiner tools, but it gives agents sensitive credential and file-upload authority based on live remote documentation without enough hard scoping.

Review before installing. Use this only with a SciMiner API key you are comfortable dedicating to this workflow, avoid submitting sensitive or proprietary files unless you intend to upload them to SciMiner, and verify that generated calls target the expected SciMiner domain before any API key or file is sent.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (5)

Missing User Warnings

Severity: Medium
Confidence: 94%
Finding: The skill explicitly supports uploading local files and sending request data to a third-party SciMiner service, but its user-facing description does not warn that local file contents and tool parameters will leave the local environment. This can cause users to disclose sensitive research data, proprietary files, or personal information without informed consent, especially because the skill is generic and can invoke arbitrary remote tools discovered from a live index.

Credential Access

Severity: High
Category: Privilege Escalation
Content:
name: ready-tools-on-sciminer
description: Discover a user-specified SciMiner tool from the published API-doc index, read its Markdown description, and invoke it through the SciMiner internal API.
credential_files:
  - ~/.config/sciminer/credentials.json
---

# Ready Tools on SciMiner
Confidence: 84%
Finding: credentials.json

Credential Access

Severity: High
Category: Privilege Escalation
Content:
matching Markdown file, reads the document, and writes or runs invocation code
from the selected document's exact fields.

SciMiner calls must read the API key from `~/.config/sciminer/credentials.json`
and send it as the `X-Auth-Token`, and user-facing summaries must include the returned `share_url` for each
successful task.
Confidence: 91%
Finding: credentials.json

Credential Access

Severity: High
Category: Privilege Escalation
Content:
## Prerequisites

1. Obtain a free SciMiner API key from `https://sciminer.tech/utility`.
2. Store it outside this repository at `~/.config/sciminer/credentials.json`
  with JSON shaped as `{"api_key":"your_api_key_here"}`.
3. For SciMiner calls, read the API key from
  `~/.config/sciminer/credentials.json` and send it as the `X-Auth-Token`
Confidence: 81%
Finding: credentials.json

Credential Access

Severity: High
Category: Privilege Escalation
Content:
2. Store it outside this repository at `~/.config/sciminer/credentials.json`
  with JSON shaped as `{"api_key":"your_api_key_here"}`.
3. For SciMiner calls, read the API key from
  `~/.config/sciminer/credentials.json` and send it as the `X-Auth-Token`
  header.
4. Never print, persist, or store the API key in prompts, logs, or repository
  files. Agents should remember only the credential file path.
Confidence: 79%
Finding: credentials.json

VirusTotal

65/65 vendors flagged this skill as clean.