Security audit

Deep Research 🔬

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed deep-research helper that runs a local Python script, uses web search/fetch workflows, and saves research reports without evidence of hidden or destructive behavior.

Install only if you want an agent to perform multi-source web research. Expect it to run a Python helper, create temporary JSON files, fetch external webpages, and save Markdown reports; review generated citations and treat fetched page content as untrusted.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
91% confidence
Finding
The skill documentation describes executing local Python scripts, writing intermediate and final artifacts to /tmp and research/, performing web access, and potentially using environment data, yet no permissions are declared. That mismatch can cause the platform or reviewers to underestimate the skill's capabilities, reducing effective consent, sandboxing, and policy enforcement around network and file operations.

Vague Triggers

Medium
Confidence
78% confidence
Finding
The trigger phrases include very broad terms such as "research," "investigate," and "详细了解一下," which can match many ordinary requests and cause the skill to activate unexpectedly. Because this skill performs multi-step web access and file-writing workflows, accidental activation increases the chance of unnecessary browsing, content collection, and report generation beyond user intent.

VirusTotal

66/66 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.