Back to skill

Security audit

unisound-pmh-missing-bp-glucose

Security checks across malware telemetry and agentic risk

Overview

This skill performs the disclosed medical-record quality check, but users must treat the remote LLM data flow as sensitive.

Install only if your organization permits sending de-identified outpatient record text to the configured HiVoice MaaS or approved compatible endpoint. Keep the app key out of source control and logs, avoid untrusted --base URLs, review the shared doc-preprocess dependency before using multi-format files, and avoid --save-prepared unless local storage of record text is approved.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The code sends the patient's 既往史/record content to an external LLM endpoint over the network, but there is no explicit consent, disclosure, de-identification, or policy enforcement in the skill itself. In a medical EMR quality-control context, this can expose sensitive health information to a third-party processor and may violate privacy, data residency, or compliance requirements even if the transport is HTTPS.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.