Adaptivetest Skill

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only AdaptiveTest API skill whose remote student-data workflows are visible and aligned with its education purpose, though users should treat student records and the API key carefully.

Install only if you trust AdaptiveTest/Woodstock Software and are authorized to send student or assessment data to that service. Protect ADAPTIVETEST_API_KEY like an account credential, minimize student PII where possible, and confirm before delete, bulk enrollment, calibration, or other record-changing actions.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: This skill explicitly handles students, classes, assessment history, adaptive testing sessions, and personalized recommendations through an external API, but it does not warn users that potentially sensitive student and educational data will be transmitted off-platform. In an education context, this omission is security- and privacy-relevant because agents may send identifiable student records, responses, and performance data without meaningful user awareness or consent.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal