Security audit

Course Study

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only study-note workflow with disclosed, purpose-aligned handling of course materials and optional web-supported syllabus lookup.

Before installing, expect the skill to create local study-note files and optionally use web search for public syllabus or supplement sources. Provide actual course materials when possible, verify course-name-only outlines against your real syllabus, and do not use it to produce answers for graded submissions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 90%
Finding
The README advertises very broad natural-language triggers such as '复习这门课' ("review this course"), '整理这份讲义' ("organize these lecture notes"), and '把 X 这个知识点讲简单点' ("explain concept X more simply"), which overlap heavily with ordinary tutoring or study requests. This increases the chance the skill is invoked unintentionally in contexts the user did not explicitly opt into, including requests adjacent to graded work or general educational assistance.

Vague Triggers

Medium
Confidence: 80%
Finding
The course-name path allows the skill to 'search standard syllabus' without clearly defining when that behavior is appropriate or what sources are allowed. In practice, this can cause the agent to autonomously expand scope, initiate retrieval without sufficiently explicit user consent, and generate content from an inferred course rather than the user's actual materials, which risks both privacy and integrity issues.

Natural-Language Policy Violations

Medium
Confidence: 95%
Finding
Mandating silent web-access detection removes transparency around whether the agent is checking for or preparing to use networked capabilities. Even if framed as capability detection, silent external-capability probing can undermine user expectations, bypass informed consent, and become a stepping stone to unintended browsing or retrieval behavior.

VirusTotal

VirusTotal findings are pending for this skill version.

Static analysis

No suspicious patterns detected.