Security audit

ResearchMate

Security checks across malware telemetry and agentic risk

Overview

ResearchMate is a disclosed research-assistant skill that searches public sources and creates writing-material files; I found no hidden code, credential access, or destructive behavior.

Install this if you want an AI workflow that researches public web sources and saves structured source packs. Avoid confidential topics unless you are comfortable with topic keywords being used in web searches and generated files remaining in the workspace. Review the separate GitHub/Python project before using its command-line install path.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Vague Triggers

Medium
Confidence: 85%
Finding
The invocation examples are broad enough to match common user language such as '帮我找XX相关资料' ("help me find material related to XX") or '我要写一篇关于XX的文章' ("I want to write an article about XX"), which can cause the skill to activate in situations where the user did not intend automated collection. In this skill's context, unexpected activation can trigger external fetching and downstream file/report generation, increasing the chance of unconsented data handling and side effects.

Missing User Warnings

Medium
Confidence: 88%
Finding
The README advertises automatic multi-source collection and Word/PDF/file export without clearly warning users about network access, external requests, local file creation, or possible retention of collected materials. In an agent skill setting, undisclosed side effects are dangerous because users may trigger the skill through natural language without realizing it will access external sources and write structured outputs.

Vague Triggers

Medium
Confidence: 91%
Finding
The trigger description is broad enough to overlap with generic writing-assistance requests, which can cause the skill to activate when the user did not explicitly ask for research collection. In practice this may lead to unintended web access, broader data collection, and file generation behavior being invoked under ambiguous circumstances.

Vague Triggers

Medium
Confidence: 88%
Finding
A trigger based on broad user needs rather than precise invocation constraints increases the chance of accidental activation. Because this skill performs structured questioning, web retrieval, and output generation, ambiguous activation can unexpectedly expand the assistant's behavior beyond what the user intended.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill states it will create Markdown and CSV output files but does not clearly warn the user beforehand that files will be written to the workspace. Hidden or unexpected file writes can surprise users, clutter the workspace, overwrite expected outputs, or create persistence the user did not consent to.

VirusTotal

66/66 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.