Security audit

NSFC Grant Writer

Security checks across malware telemetry and agentic risk

Overview

This is a coherent NSFC grant-writing helper with simple local checklist scripts, but users should keep contribution and AI-use disclosures truthful.

Install only if you want NSFC-specific grant application support. Avoid sharing confidential or classified research material unless your organization permits it, review optional shell scripts before running them, and ensure any generated or revised wording is factually accurate and properly disclosed under applicable NSFC and institutional rules.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (3)

Intent-Code Divergence

Medium

Confidence: 93% confidence
Finding: The skill claims it will not ghostwrite, but elsewhere supplies canned contribution-statement phrasing that users can paste into a formal grant application. In this context, that contradiction can enable policy evasion, misrepresentation of authorship/contribution narratives, and non-compliant use of AI in a regulated funding workflow.

Vague Triggers

Medium

Confidence: 84% confidence
Finding: The trigger phrases in the help section are very broad everyday requests such as asking for help with an abstract, formatting, or writing a section. In an agent ecosystem, overly generic activation cues can cause unintended invocation during normal conversation, leading the skill to engage when the user did not explicitly intend to use it and potentially exposing sensitive draft proposal content to the skill context.

Vague Triggers

Low

Confidence: 76% confidence
Finding: The quick-start section encourages users to begin with common natural-language requests but does not define when the skill should or should not activate. Without clear boundaries or disambiguation rules, the skill may be selected for loosely related writing-help requests, creating prompt-routing ambiguity and increasing the chance of accidental processing of sensitive research or personal application information.

VirusTotal

42/42 vendors flagged this skill as clean.

View on VirusTotal