Back to skill

Security audit

Academic Deep Research

Security checks across malware telemetry and agentic risk

Overview

This is a research workflow skill whose web and parallel-research behavior matches its stated purpose, with some privacy and trigger-scope cautions.

Install if you want an agent to run structured, citation-heavy web research. Avoid using it with confidential topics, secrets, internal URLs, or private documents unless you are comfortable with those queries and sources being used in networked research tools, and confirm the research plan before allowing long or costly runs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The README advertises use of web_search and web_fetch but does not disclose that user prompts, search terms, and fetched URLs/content may be transmitted to external web resources. In a research skill, users may provide sensitive topics, proprietary questions, or internal URLs, so lack of notice and consent can lead to unintended data exposure and privacy/compliance issues.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The trigger guidance is broad enough to activate on common phrases such as requests for exhaustive analysis or 'tell me everything about X,' which can cause the skill to engage in situations beyond its intended scope. In an agent system, over-broad activation can override more appropriate specialized skills, increase unnecessary tool use, and create opportunities for prompt-routing abuse or unintended data exposure during research workflows.

Vague Triggers

Medium
Confidence
92% confidence
Finding
The invocation guidance allows activation not only via a command but also through broad natural-language phrases like "deep research" and "exhaustive analysis." This increases the chance of unintended or adversarial triggering in normal conversation, which can cause the agent to enter an expensive, autonomous research workflow without clear user intent or confirmation.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.