Security audit

Paper Repro Triage

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed paper-reproduction helper that clones or inspects research code and writes local reports, with clear limits against installing dependencies, downloading datasets, or running training automatically.

Install only if you are comfortable with the agent creating a local paper-repro-workspace, cloning official or likely-official GitHub/GitLab repositories, inspecting repo-like folders in the workspace or PAPER_REPRO_LOCAL_CODE_ROOTS, and writing Markdown reports. Review cloned code and generated requirements before installing packages, downloading datasets, or running any training or evaluation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 94%
Finding: The skill instructs the agent to use shell, file read/write, environment inspection, and network-adjacent repository operations such as `git clone` and running local Python scripts, yet no explicit permissions are declared. This creates a capability/permission mismatch: a caller or reviewer may assume the skill is low-privilege while it actually drives high-impact actions on the workspace and potentially on fetched repositories, increasing the risk of unintended code execution, data exposure, or unsafe file modification.

VirusTotal

60/60 vendors flagged this skill as clean.

Static analysis

Detected: suspicious.dynamic_code_execution

Dynamic code execution detected.

Severity: Critical
Code: suspicious.dynamic_code_execution
Location: scripts/scaffold_repro_project.py:430