
Security audit

Cnc Quick Probe

Security checks across malware telemetry and agentic risk

Overview

The skill does what it advertises: it collects missing CNC quote parameters and can hand off to a quote system. Users should be aware of two things before installing it: the skill routes automatically, and it depends on code installed outside the skill at a local workspace path.

Install only if you want a CNC quoting workflow that proactively asks for missing manufacturing parameters and may hand off to the quote system once enough information has been collected. Verify that the referenced cnc-quote-system, installed at the local workspace path, is trusted and has not been tampered with, and review generated quotes before relying on or sending them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Context-Inappropriate Capability

Medium
Confidence: 90%
Finding
The skill modifies sys.path to load and execute Python code from a workspace directory outside the skill itself. This is a code-trust boundary violation: if that workspace path or the module in it is altered, the skill runs attacker-controlled code with the agent's privileges. The risk is highest when the path is shared or admin-controlled, because the skill's own integrity then depends on every account that can write there.
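The code-trust problem described in this finding, shown as an added example rather than the Cnc Quick Probe skill's own code: the sys.path pattern beside a loader that verifies the out-of-tree module before executing it. The workspace name cnc-quote-system, the module name quote_engine, the module bodies and the pinned hash are all assumptions made for the example.

```python
"""Added example (not the skill's code): refusing to execute an out-of-tree
module unless it passes a trust check. Workspace path, module name and
module contents are hypothetical."""
import hashlib
import importlib
import importlib.util
import stat
import sys
import tempfile
from pathlib import Path


def load_unchecked(workspace: str, module: str):
    """The pattern the finding describes: widen sys.path with an external
    workspace directory and import whatever file happens to be there."""
    sys.path.insert(0, workspace)
    return importlib.import_module(module)


class UntrustedModuleError(RuntimeError):
    pass


def verify_module_file(path: Path, trusted_root: Path, expected_sha256: str) -> Path:
    """Accept the module only if, after resolving symlinks, it sits inside the
    trusted root, is a regular file that group/others cannot write, and
    matches a hash pinned at install time."""
    real = path.resolve(strict=True)
    root = trusted_root.resolve(strict=True)
    if root not in real.parents:
        raise UntrustedModuleError(f"{real} escapes trusted root {root}")
    st = real.stat()
    if not stat.S_ISREG(st.st_mode):
        raise UntrustedModuleError(f"{real} is not a regular file")
    if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
        raise UntrustedModuleError(f"{real} is group- or world-writable")
    digest = hashlib.sha256(real.read_bytes()).hexdigest()
    if digest != expected_sha256:
        raise UntrustedModuleError(f"{real}: sha256 {digest} != pinned {expected_sha256}")
    return real


def load_checked(workspace: Path, module: str, expected_sha256: str):
    """Hardened form: verify first, then execute the file by explicit path
    instead of widening sys.path for every later import."""
    module_file = verify_module_file(workspace / f"{module}.py", workspace, expected_sha256)
    spec = importlib.util.spec_from_file_location(module, module_file)
    mod = importlib.util.module_from_spec(spec)
    spec.loader.exec_module(mod)
    return mod


def demo() -> dict:
    """Build a throwaway workspace, pin the module, tamper with it, and compare
    the two loaders. Returns a summary so the outcome can be asserted on."""
    with tempfile.TemporaryDirectory() as tmp:
        ws = Path(tmp) / "cnc-quote-system"   # hypothetical workspace path
        ws.mkdir()
        mod_file = ws / "quote_engine.py"      # hypothetical module
        mod_file.write_text("def price(params):\n    return len(params) * 10\n")
        mod_file.chmod(0o644)
        pinned = hashlib.sha256(mod_file.read_bytes()).hexdigest()

        good = load_checked(ws, "quote_engine", pinned).price({"material": "6061", "qty": 10})

        # A symlink pointing outside the workspace is rejected even when its hash matches.
        outside = Path(tmp) / "outside.py"
        outside.write_text("def price(params):\n    return -1\n")
        (ws / "evil.py").symlink_to(outside)
        try:
            load_checked(ws, "evil", hashlib.sha256(outside.read_bytes()).hexdigest())
            escape_rejected = False
        except UntrustedModuleError:
            escape_rejected = True

        # Someone with write access to the shared path swaps the module body.
        mod_file.write_text("def price(params):\n    return 0  # attacker-controlled\n")
        try:
            load_checked(ws, "quote_engine", pinned)
            tamper_rejected = False
        except UntrustedModuleError:
            tamper_rejected = True

        # The sys.path loader runs the altered code without complaint.
        unchecked = load_unchecked(str(ws), "quote_engine").price({"x": 1})
        sys.path.remove(str(ws))
        sys.modules.pop("quote_engine", None)
        return {"good": good, "escape_rejected": escape_rejected,
                "tamper_rejected": tamper_rejected, "unchecked": unchecked}


if __name__ == "__main__":
    print(demo())
```

The hash pin is the part that actually closes the finding: path and permission checks stop an unrelated account from dropping a file into the workspace, but only a pin recorded when the cnc-quote-system was reviewed detects that the reviewed code was later replaced.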

Vague Triggers

Medium
Confidence: 89%
Finding
The trigger '报价参数不全' ("quote parameters incomplete") is broad and matches many ordinary conversations about quoting, so the skill can auto-route when the user never asked for parameter collection. Because the skill is configured with auto_route: true and keeps asking questions until convergence, this can lead to unauthorized workflow takeover, unnecessary data collection, and an accidental transition into quoting behaviour.

Vague Triggers

Medium
Confidence: 85%
Finding
The phrase '无图纸报价' ("quote without drawings") is ambiguous between a user utterance and an internal system condition, which increases the chance of accidental activation or misrouting. In a skill that auto-collects parameters and may eventually trigger a quote, unclear trigger semantics can let the agent steer the interaction into a transactional flow without adequate validation of user intent.

Vague Triggers

Medium
Confidence: 90%
Finding
The description states the skill auto-triggers whenever quote-request parameters are incomplete, but it does not define strict boundaries, exclusions, or confirmation steps. In context, that makes the skill more dangerous because it sits in the main routing path and automatically hands off to a quoting skill once an 80% convergence threshold is met, enabling unintended business actions from loosely matched conversations.
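Two checks the three trigger findings call for, as an added example that is not the skill's code: measuring how often bare keyword triggers fire on ordinary quoting talk, and gating the hand-off so that reaching the 80% convergence threshold does not by itself start a quote. The two trigger phrases are the ones named in the findings; the utterances and their labels are constructed, and the narrower intent rule and HandoffPolicy are hypothetical hardening rather than anything the skill ships.

```python
"""Added example (not the skill's code): trigger false-positive audit and a
confirmation gate in front of the quote hand-off. Corpus labels and the
intent rule are constructed for illustration."""
import re
from dataclasses import dataclass

# The two trigger phrases named in the findings.
TRIGGERS = ["报价参数不全", "无图纸报价"]

# Constructed utterances with a hand label: True if a human would expect the
# skill to start collecting quote parameters, False if it should stay quiet.
CORPUS = [
    ("上次那份报价参数不全，财务退回来了", False),   # complaint about a past quote
    ("客户问我们支不支持无图纸报价？", False),        # policy question, no request
    ("报价参数不全时一般怎么处理？", False),          # asking how the process works
    ("请帮我做个无图纸报价，材质6061，数量10", True), # explicit request with data
    ("我要报价，参数不全的地方你问我", True),         # explicit request, phrased differently
]


def keyword_trigger(text: str) -> bool:
    """What the findings describe: fire on a bare substring match."""
    return any(t in text for t in TRIGGERS)


# Hypothetical narrower rule: an explicit request verb followed by "报价".
REQUEST_MARKERS = re.compile(r"(请|帮我|我要|需要|给我).*报价")


def intent_trigger(text: str) -> bool:
    """Require an explicit request, and skip utterances that only ask a
    question about quoting."""
    if "报价" not in text:
        return False
    if text.rstrip().endswith(("？", "?")):
        return False
    return REQUEST_MARKERS.search(text) is not None


def evaluate(matcher) -> dict:
    """Count hits and misses of a matcher over the labelled corpus."""
    tp = sum(1 for text, want in CORPUS if want and matcher(text))
    fp = sum(1 for text, want in CORPUS if not want and matcher(text))
    fn = sum(1 for text, want in CORPUS if want and not matcher(text))
    return {"true_positive": tp, "false_positive": fp, "false_negative": fn}


@dataclass
class HandoffPolicy:
    convergence_threshold: float = 0.8  # the 80% threshold cited in the findings
    require_confirmation: bool = True   # hypothetical knob; False behaves like auto_route

    def decide(self, convergence: float, user_confirmed: bool) -> str:
        """'collect' = keep asking, 'confirm' = ask the user before handing off,
        'handoff' = call the quote system."""
        if convergence < self.convergence_threshold:
            return "collect"
        if self.require_confirmation and not user_confirmed:
            return "confirm"
        return "handoff"


if __name__ == "__main__":
    print("keyword:", evaluate(keyword_trigger))
    print("intent: ", evaluate(intent_trigger))
    print("auto_route at 0.85:", HandoffPolicy(require_confirmation=False).decide(0.85, False))
    print("gated at 0.85:     ", HandoffPolicy().decide(0.85, False))
```

On this constructed corpus the substring rule fires on three of the three benign utterances and still misses a genuine request that splits the keyword with a comma, which is the shape of failure the findings describe; the gate turns the 80% score into a prompt for confirmation rather than an automatic call into the quote system.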

VirusTotal

0/63 vendors flagged this skill; all 63 reported it clean.
