Atomic Knowledge Explainer

Security checks across malware telemetry and agentic risk

Overview

This is a text-only educational skill for breaking down knowledge into small concepts, with no executable code or hidden high-impact behavior found.

Installers should expect Chinese-format examples and may need to explicitly ask for another output language. Otherwise, the skill appears proportionate for educational knowledge decomposition and does not request sensitive access or execution authority.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Natural-Language Policy Violations

Medium
Confidence: 92%
Finding
The exemplar is entirely written in Chinese and presents outputs only in Chinese, with no indication that language choice is user-selectable or inherited from user preference. This can override or constrain agent behavior in multilingual contexts, causing policy/UX misalignment and making the skill less safe to compose with systems that must preserve the user's requested language.

VirusTotal

63/63 vendors flagged this skill as clean.
