Patent Writer

Security checks across malware telemetry and agentic risk

Overview

This patent-writing skill is mostly coherent, but its DOCX helper script uses unsafe shell evaluation that could run unintended local commands from crafted file paths.

Review before installing. Use only simple, trusted filenames and output paths, keep confidential invention details out of external searches, and fix the converter to call pandoc directly, without eval, before using DOCX export.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Context-Inappropriate Capability

Medium (77% confidence)
Finding
The skill directs the agent to invoke a local shell script and pandoc to generate DOCX output, which introduces local tool execution and file-writing behavior. Even though this appears intended for legitimate document export, subprocess execution expands the attack surface: unsafe argument handling, unintended filesystem writes, or abuse of external converters can lead to command execution or data exposure if downstream inputs are not tightly controlled.

Missing User Warnings

Medium (84% confidence)
Finding
The skill states that it will generate and output files, and later reveals a concrete workspace path, but it does not clearly obtain user consent up front for writing to local storage. Silent or implicit file creation in a user workspace can surprise users, overwrite prior work, or leak sensitive project names and content into predictable directories.

VirusTotal

62/62 vendors flagged this skill as clean.
