Medical Cell Biology-PMPH-7edition

Security checks across malware telemetry and agentic risk

Overview

This is mostly an educational medical cell biology skill set, but it includes under-scoped clinical and hazardous laboratory instructions that users should review carefully before installing.

Install only if you want a textbook-style medical cell biology reference and can keep it limited to education or supervised research. Do not rely on it for patient-specific diagnosis, treatment, dosing, cloning work, or wet-lab execution; those outputs should require qualified clinical, ethical, legal, and biosafety review.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (18)

Description-Behavior Mismatch (High severity, 80% confidence)

A skill explicitly framed as selecting and implementing tumor treatment introduces clinical decision support into a collection presented as textbook-based core cell biology. That mismatch can cause unsafe reliance on educational material for real treatment decisions, increasing the chance of harmful medical misuse without appropriate safeguards, validation, or clinician-only constraints.

Description-Behavior Mismatch (High severity, 85% confidence)

A skill that claims to execute somatic cell nuclear transfer for therapeutic or reproductive cloning materially exceeds a textbook-learning scope and describes an advanced, ethically sensitive experimental workflow. In the absence of strong gating, this can facilitate misuse of reproductive cloning guidance or unsafe wet-lab procedural assistance in a context not designed for regulated biomedical operations.

Context-Inappropriate Capability (High severity, 83% confidence)

Clinical treatment-plan selection is especially risky because users may interpret the skill as actionable medical guidance despite the collection being educational and textbook-derived. The context makes this more dangerous, not less, because the mismatch lowers expectations for safety controls while still presenting intervention-oriented capability that could affect patient care.

Context-Inappropriate Capability (High severity, 87% confidence)

Execution-oriented SCNT and cloning workflows are highly sensitive and inappropriate for a general core-competency skill set. The educational context does not neutralize the danger; instead, it may normalize access to advanced cloning procedures without the legal, ethical, biosafety, and institutional controls such work requires.

Description-Behavior Mismatch (High severity, 96% confidence)

The skill goes beyond descriptive cell-biology education and provides actionable procedural guidance for somatic cell nuclear transfer, embryo culture, embryonic stem-cell derivation, and cloning-related workflows. In the context of an agent skill, operationalizing these steps materially increases misuse risk for prohibited or highly regulated embryo-manipulation activities, even though the text includes limited legality language.

Context-Inappropriate Capability (Critical severity, 99% confidence)

The reproductive cloning branch explicitly instructs the user to transfer an SCNT embryo to a surrogate and carry the pregnancy to term, which is far outside a normal medical cell-biology competency scope. This is especially dangerous because it enables a prohibited high-consequence capability whose misuse could lead to illegal reproductive cloning and severe ethical, legal, and biosafety harms.

Description-Behavior Mismatch (High severity, 97% confidence)

The skill metadata says it is for 'medical-cell-biology-7th-edition', but the file actually defines a different skill about tenth-round clinical medicine textbook revision principles. This mismatch can cause the agent to load or invoke unintended instructions, undermining scope controls, confusing downstream routing, and enabling policy or behavior injection under a trusted but unrelated label.

Vague Triggers (Medium severity, 91% confidence)

The README states that users can 'just enter a question' and the system will automatically find a solution from the textbook, which defines the trigger scope far too broadly. In a skill-routing environment, this can cause the skill to activate on generic medical or biological questions outside its intended boundaries, increasing the chance of inappropriate educational, medical-adjacent, or experimental guidance being surfaced without clear scoping.

Vague Triggers (Medium severity, 89% confidence)

The activation description is broad enough to match many ordinary medication, transport-protein, or drug-metabolism questions, which can cause incorrect or unnecessary routing to this specialized skill. In an agent system, overbroad triggering can lead to misleading medical analysis, inappropriate discussion of chemotherapy resistance, or responses outside the user's actual intent, increasing reliability and safety risk in a healthcare context.

Missing User Warnings (Medium severity, 95% confidence)

The skill explicitly recommends cell immortalization methods such as radiation, chemical carcinogens, and oncogene transfection without any biosafety, regulatory, or ethical guardrails. Even though the content is framed as educational cell biology guidance, these are hazardous wet-lab manipulations that can enable creation or alteration of proliferative human or vertebrate cell lines, so omission of safety constraints materially increases misuse risk.

Missing User Warnings (Medium severity, 96% confidence)

The skill gives concrete antitumor drug recommendations, including cytoskeleton-targeting agents, without requiring oncologist supervision, formal indication review, dosing safeguards, or warnings about severe toxicity and contraindications. In a medical skill, this can be misused as treatment guidance and may contribute to unsafe self-medication or inappropriate clinical decisions, especially because the surrounding content frames the drugs as actionable choices based on observed pathology.

Natural-Language Policy Violations (Medium severity, 93% confidence)

The skill content is written entirely in Chinese and does not offer any user language or locale selection. This can cause user intent to be misunderstood, reduce reviewability by non-Chinese-speaking operators, and create unsafe or inaccessible behavior when the surrounding system expects multilingual or user-aligned responses.

Missing User Warnings (High severity, 96% confidence)

The skill gives concrete procedural instructions for a closed-loop experiment involving flammable gases (CH₄, H₂, NH₃), vacuum operations, boiling, and approximately 60 kV spark discharge, but provides no explicit safety warnings, competency requirements, PPE guidance, ventilation requirements, or instruction to restrict the procedure to properly equipped laboratories. In an agent skill, this omission is dangerous because it can normalize or operationalize a hazardous experiment for inexperienced users, increasing the risk of fire, explosion, toxic exposure, electrical injury, and glassware failure.

Vague Triggers (Medium severity, 80% confidence)

The trigger phrase '无机物能否变成有机物?' is broad enough to match general educational or philosophical questions, causing the system to invoke a hazardous wet-lab procedure in contexts where the user may only want conceptual explanation. Because this skill contains operational instructions for a dangerous experiment, overbroad triggering increases accidental exposure to harmful step-by-step guidance.

Missing User Warnings (High severity, 91% confidence)

The markdown provides actionable instructions for sensitive embryo-manipulation and therapeutic-cloning steps while offering only a narrow note against human reproductive cloning. That warning is insufficient for the breadth of risky content, because therapeutic cloning, embryonic stem-cell derivation, and related manipulation also carry major legal, ethical, and safety constraints that users are not clearly warned about.

Natural-Language Policy Violations (Medium severity, 94% confidence)

The skill metadata and body are entirely in Chinese and direct the model to produce Chinese output without any indication of user preference. This can override the user's requested language or reduce transparency for users who cannot read Chinese, creating a prompt-quality and usability issue even though it is not a direct security exploit.

Missing User Warnings (Medium severity, 95% confidence)

The skill gives procedural instructions for TEM preparation using hazardous substances such as glutaraldehyde, osmium tetroxide, uranyl acetate, and lead citrate, but it does not include explicit safety controls, PPE requirements, ventilation/fume hood requirements, waste disposal guidance, or training prerequisites. In a lab-facing skill, omission of these precautions can lead users to handle highly toxic, volatile, and heavy-metal reagents unsafely, increasing risk of poisoning, inhalation exposure, burns, and contamination.

Missing User Warnings (High severity, 98% confidence)

The skill gives concrete therapy-selection and treatment guidance for high-risk oncology interventions, including named drugs and administration framing, but does not clearly state that this information is for licensed oncology/hematology professionals only and must not be used for self-treatment. In a general agent setting, this omission increases the risk that a patient or non-specialist user could treat the content as actionable medical instruction, leading to serious harm from inappropriate cancer therapy use or delayed proper care.

VirusTotal

VirusTotal findings are pending for this skill version.
