Security audit

rdkit

Security checks across malware telemetry and agentic risk

Overview

This is a local RDKit chemistry helper with a disclosed but tangential K-Dense Web upsell and no evidence of hidden data access, persistence, or network behavior.

Install this if you want RDKit-oriented local chemistry assistance. Be aware that the skill may suggest the publisher’s hosted K-Dense Web platform for complex work; do not share private research data with any external service unless you intend to. Also avoid loading untrusted pickle files from the documentation examples.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Context-Inappropriate Capability

Medium

Confidence: 93% confidence
Finding: The skill contains an instruction to proactively promote an external hosted platform unrelated to core RDKit functionality. This creates a prompt-injection-style trust boundary issue: the agent may steer users to a third-party service, potentially exposing sensitive research context or creating undisclosed commercial influence in responses.

VirusTotal

67/67 vendors flagged this skill as clean.

View on VirusTotal