Arxiv Batch Reporter

Security checks across malware telemetry and agentic risk

Overview

This skill coherently builds local arXiv report files from user-selected summary files, with a prompt-injection caveat that users should manage when summaries are untrusted.

Install only if you are comfortable letting the model read the summaries in your chosen run directory. Review generated summaries_bundle.md before using it with a model when papers, metadata, or summaries came from untrusted sources, and keep custom paths inside the intended report directory.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Ssd 1

Medium

Confidence: 97% confidence
Finding: The bundle places an instruction block for a downstream model directly adjacent to untrusted metadata and full summary text sourced from per-paper files. If any summary or metadata contains adversarial prompt-injection content, the downstream LLM may follow those embedded instructions, causing report manipulation, omission of papers, data exfiltration from the synthesis context, or other unintended behavior. The skill context makes this more dangerous because the file is explicitly designed as model input, so semantic injection is part of the active trust boundary.

VirusTotal

56/56 vendors flagged this skill as clean.

View on VirusTotal