Excalidraw Handdraw

Security checks across malware telemetry and agentic risk

Overview

This diagram skill is not clearly harmful, but it can start Docker and modify files through unbundled local scripts, so users should review it carefully before installing.

Install only if you are comfortable with an agent starting a local Docker service and modifying files. Before using it, verify any referenced ./scripts files are trusted and intended for this skill, confirm output paths and document edits explicitly, and stop the canvas container when finished.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 89%
Finding:
The trigger list includes broad everyday phrases such as '画图', '创建图表', and '生成图表', which can cause the skill to activate in contexts broader than intended. Because this skill can start Docker services and write or modify files, accidental invocation increases the chance of unintended system actions rather than being a purely cosmetic misfire.

Missing User Warnings

Medium
Confidence: 96%
Finding:
The skill explicitly supports saving images to arbitrary paths and inserting or replacing content in files, but it does not clearly warn the user that local files will be created or modified. In context, this is more dangerous because the skill also provides concrete shell commands for writing to disk and editing Markdown, so an accidental or ambiguous invocation could alter project files without sufficiently explicit user awareness or consent.

VirusTotal

66/66 vendors flagged this skill as clean.
