Security audit

arxiv-skill-hunter

Security checks across malware telemetry and agentic risk

Overview

This skill is transparent about its goal, but it can automatically turn online arXiv content into persistent runnable local skills without a clear review or approval step.

Install or run this only in a sandbox or disposable workspace unless you also trust and have reviewed the sibling arxiv-paper-reviews and arxiv-skill-extractor modules. Inspect any generated skills before enabling or using them, and expect persistent changes under memory/evolution, memory/YYYY-MM-DD.md, and skills/arxiv-learned-*.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Severity: Low
Confidence: 88%
Finding
The skill documentation states that it writes a pending task state file and generates new skill files, but it does not warn the user that running it causes persistent filesystem changes and indirect code generation. In this context, that omission can mislead operators into executing a skill that mutates agent state and introduces new executable artifacts without informed consent or review.

VirusTotal

66/66 vendors flagged this skill as clean.