spearman-correlation

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward local statistics helper that reads user-selected tabular data and creates Excel analysis results, with no evidence of hidden or unrelated behavior.

Install only if you are comfortable letting the skill read the specific tables or folders you provide and create .xlsx result files. Use a trusted Python environment for any dependency installation, and choose or confirm an output location to avoid accidental overwrites in batch runs.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Low

Confidence: 87% confidence
Finding: The skill explicitly instructs saving analysis results as Excel files but does not tell the user that it will write to disk, where outputs will be placed, or whether existing files may be overwritten. This can lead to unintended filesystem modification, especially in batch mode where many files may be generated, but it does not by itself indicate malicious behavior.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal