Arxiv Paper Processor

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says, but its downloaded source-archive extraction could let a malformed paper bundle write outside the intended folder.

Install only if you are comfortable running local Python scripts that download and extract arXiv files into your chosen workspace. Use a non-sensitive run directory, treat paper contents as untrusted text, and prefer a version with hardened tar extraction before processing arbitrary or adversarial paper IDs.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The default prompt is broad enough to trigger on loosely related requests and authorizes multi-step actions such as downloading artifacts and producing summaries without clear gating conditions. In an agent setting, ambiguous invocation criteria can cause the skill to activate in unintended contexts, leading to unnecessary external fetches, processing of untrusted content, or actions beyond the user's actual intent.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal