Math Proof

Security checks across malware telemetry and agentic risk

Overview

This is a math-proof helper whose agent review loop is disclosed and aligned with its purpose, with a privacy caution around optional reference files.

Install if you want iterative math proof generation and review. When asked for reference materials, choose specific non-sensitive files rather than whole folders, and avoid credentials, private notes, or unrelated documents.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The skill invites the user to supply a local file or folder path whose contents will be included in every prompt sent to spawned agents, but it gives no warning about privacy, minimization, or sensitive-data handling. This creates a real risk of unintentionally exposing confidential local documents to subagents or broader model context, especially because repeated inclusion across rounds amplifies data exposure.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal