Back to skill

Security audit

Network Pharmacology

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a legitimate SciMiner research workflow with disclosed credential use and report generation, not hidden or unrelated behavior.

Install this only if you intend to use SciMiner and are comfortable letting the agent read the specified SciMiner API key at runtime. Use a dedicated project folder, review generated reports and saved share URLs before sharing them, and avoid opening the HTML report in restricted environments unless external CDN loading is acceptable.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The generated report unconditionally loads Cytoscape.js from a public CDN when the HTML file is opened, which causes an external network request and creates a supply-chain and privacy risk. In environments handling unpublished biomedical hypotheses or sensitive local workflows, opening the report can disclose usage metadata and makes integrity dependent on a third-party-hosted script.

Credential Access

High
Category
Privilege Escalation
Content
## Prerequisites and boundaries

- Require the SciMiner credential file at `~/.config/sciminer/credentials.json`, with one `api_key` field, before submitting any SciMiner task. Read it only at runtime; never print, copy, or persist the key.
- Resolve every SciMiner capability from the live tool-doc index at `https://sciminer.tech/tool_api_files/` and read the selected `*_api_doc.md` immediately before invocation. That document is authoritative for provider/tool names, parameters, upload behavior, polling, and results.
- Return each successful task's `share_url`. Preserve its `task_id` and source-document URL in the project manifest.
- Do not use a target prediction, a network centrality score, enrichment, or docking score as proof of binding, efficacy, synergy, causality, or clinical benefit.
Confidence
95% confidence
Finding
credentials.json

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.