Back to skill

Security audit

Abstract Logic Writer

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed academic-abstract writing and scoring helper with optional user-directed ontology file generation or download, and I found no hidden or destructive behavior.

Install if you want an academic abstract drafting and rule-based scoring helper. Treat the ontology download feature as opt-in: only provide trusted public URLs and choose an output directory you are comfortable modifying.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
92% confidence
Finding
The skill instructs the agent to read local files, write output files, and optionally run an ontology bootstrap process that may download remote resources, yet no permissions are declared. This creates a transparency and control gap: a caller or platform may treat the skill as low-risk while it can actually touch the filesystem and network, increasing the chance of unintended data exposure, unexpected file modification, or unauthorized external access.

Tp4

High
Category
MCP Tool Poisoning
Confidence
89% confidence
Finding
The documented behavior extends beyond passive abstract analysis into drafting, rewriting, generating negative examples, and optionally downloading ontology files, while the permission and behavior surface is not clearly aligned. This mismatch is dangerous because reviewers and users may underestimate the operational reach of the skill, especially the external-resource and file-writing behavior, which can lead to misuse, unreviewed data flows, or policy bypass.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.