Academic Thesis Workflow

Security checks across malware telemetry and agentic risk

Overview

This is a markdown-only academic writing workflow with no evidence of code execution, credential access, persistence, or hidden data movement.

Use this as a drafting aid, especially for Chinese academic writing workflows. Before relying on output, verify all citations and facts, check for fabricated references, and follow your institution's academic integrity rules.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 90% confidence
Finding: The skill description is broad enough to trigger on many generic academic-writing requests, which can cause the agent to invoke this workflow when the user did not intend a full thesis-generation process. Overbroad activation increases the chance of inappropriate routing, unintended large-context loading, and policy bypass of more specialized or safer skills for narrower tasks such as editing, citation checking, or brainstorming.

Natural-Language Policy Violations

Medium

Confidence: 80% confidence
Finding: The skill hard-codes Chinese as the output language without checking user preference, which can override user intent and create unreliable or inaccessible outputs. In agent settings, fixed-language behavior can also interfere with downstream review, moderation, or user comprehension when the surrounding session is in another language.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal