Back to skill

Security audit

cpn_modeling_tool

Security checks across malware telemetry and agentic risk

Overview

This is a CPN/Petri-net workflow modeling skill with disclosed outputs and no evidence of credential use, exfiltration, destructive behavior, or hidden persistence.

Install this if you want Chinese-language help turning workflows into CPN/Petri-net models. Be aware it may activate for broad workflow-modeling prompts and can create a local /tmp HTML visualization file containing browser JavaScript; use it when that output is intended and clean up temporary files if needed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Vague Triggers

Medium
Confidence
92% confidence
Finding
The trigger scope is overly broad: it activates not only for explicit CPN/Petri-net requests but also for generic workflow requests like '帮我画流程' or any scenario with ordering dependencies. This can cause the skill to intercept unrelated requests and steer users into specialized modeling behavior they did not ask for, reducing routing integrity and potentially causing unintended file-writing/tool-use behavior in contexts where a simpler response was appropriate.

Natural-Language Policy Violations

Medium
Confidence
90% confidence
Finding
The skill content is written to enforce Chinese-language interaction and provides no language negotiation or fallback, which can override the user's preferred language and degrade clarity. In safety-sensitive or technical modeling tasks, forced language mismatch can lead to misunderstanding of requirements, incorrect models, and user inability to review generated artifacts accurately.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.