Back to skill

Security audit

Html Report

Security checks across malware telemetry and agentic risk

Overview

This skill is a presentation helper that creates self-contained HTML reports, with its file writing and helper script behavior disclosed and aligned to that purpose.

Install this if you want agents to create polished local HTML reports. Be aware it writes report files under plans/reports and may open them in your browser; do not include secrets, tokens, credentials, customer PII, or other sensitive content in generated reports because the output is designed to be easy to share.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
85% confidence
Finding
The skill instructs the agent to read templates/CSS, write output files under plans/reports, and invoke a shell command to run build_report.py, yet it declares no permissions. This mismatch can bypass user/operator expectations and weakens least-privilege controls, especially because shell execution and file writes are explicitly part of the workflow.

Vague Triggers

Medium
Confidence
72% confidence
Finding
The trigger terms are broad enough to match many generic requests for a report, summary, review, or analysis, which can cause the skill to activate in situations where the user did not specifically ask for this file-writing HTML workflow. Over-broad activation increases the chance of unintended file creation and shell-assisted actions being selected over safer plain-text responses.

Vague Triggers

Medium
Confidence
76% confidence
Finding
The guidance says to use the skill when presenting findings and wanting a readable page rather than markdown, which allows inference of HTML output without an explicit user request. That ambiguity is risky because this skill performs file generation and recommends opening the result, so inferred activation can lead to side effects the user did not clearly authorize.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.