Back to skill

Security audit

patent-disclosure

Security checks across malware telemetry and agentic risk

Overview

This skill coherently provides patent-disclosure templates, checklists, and local Markdown-to-Word export, with one dependency-install behavior users should understand before use.

Install this only where adding python-docx is acceptable, preferably by installing dependencies up front instead of relying on runtime pip/uv installation. Treat invention disclosures as sensitive business information and confirm who can access generated files in the uploads/download area and how long they are retained.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Behavioral ASTexec() Call, eval() Call, Dynamic Import
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Findings (6)

subprocess module call

Medium
Category
Dangerous Code Execution
Content
for cmd in commands:
        try:
            proc = subprocess.run(
                cmd,
                timeout=180,
                capture_output=True,
Confidence
93% confidence
Finding
proc = subprocess.run( cmd, timeout=180, capture_output=True, text=True, )

Context-Inappropriate Capability

Medium
Confidence
97% confidence
Finding
This skill's stated purpose is local document export, but it also has the capability to install software by invoking pip or uv. That exceeds the minimal privilege expected for the feature and creates supply-chain and environment-modification risk if triggered in sensitive or managed environments.

Description-Behavior Mismatch

Medium
Confidence
96% confidence
Finding
The code modifies the host environment at runtime by attempting to install a Python package, which is not transparent from a simple document-template/export capability. Hidden environment mutation is dangerous because it can violate operator expectations, break reproducibility, and introduce unreviewed third-party code.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
Automatic installation occurs without any prior user-facing warning or consent, so invoking export may unexpectedly trigger network access and software installation. In enterprise or sandboxed contexts, this can bypass change-control expectations and increase the blast radius of a simple export operation.

Unpinned Dependencies

Low
Category
Supply Chain
Content
python-docx>=1.1.0
Confidence
94% confidence
Finding
python-docx>=1.1.0

Known Vulnerable Dependency: python-docx — 2 advisory(ies): CVE-2016-5851 (Improper Restriction of XML External Entity Reference in python-docx); CVE-2016-5851 (python-docx before 0.8.6 allows context-dependent attackers to conduct XML Exter)

High
Category
Supply Chain
Confidence
98% confidence
Finding
python-docx

VirusTotal

53/53 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

Detected: suspicious.dynamic_code_execution

Dynamic code execution detected.

Critical
Code
suspicious.dynamic_code_execution
Location
docx_export.py:36

Dynamic code execution detected.

Critical
Code
suspicious.dynamic_code_execution
Location
main.py:29