Current View Triage

Security checks across malware telemetry and agentic risk

Overview

This is a narrow read-only student triage skill; its only notable caution is an optional saved snapshot export and a disclosed third-party MCP setup path.

Install it if you want snapshot-based Campus Copilot triage, but only provide academic snapshot data you are comfortable letting the agent read. Treat `export_snapshot_artifact` as creating a saved copy, and review the external `pnpm`-based MCP project before running it locally.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Description-Behavior Mismatch

Medium
Confidence: 94%
Finding
The document states the skill only needs read-only Campus Copilot surfaces, but it also lists `export_snapshot_artifact`, which introduces a side effect by creating or saving an artifact. This mismatch can cause reviewers or operators to under-scope the skill's effective permissions and approve or invoke it under an incorrect trust model.

Intent-Code Divergence

Medium
Confidence: 96%
Finding
The documentation creates a misleading assurance by saying the skill only needs read-only surfaces while later recommending an artifact export path. Even if export is intended only for proof or operator convenience, the hidden side effect increases the risk of unintended data propagation, retention, or policy bypass because users may treat the skill as non-mutating.

VirusTotal

60/60 vendors flagged this skill as clean.
