Arxiv Paper Reviews
Security checks across malware telemetry and agentic risk
Overview
This skill appears to be a straightforward arXiv review helper that talks to a disclosed API endpoint, with no evidence of hidden persistence, exfiltration, or destructive behavior.
Before installing, confirm you trust the operator of the HTTP API endpoint and avoid submitting confidential or sensitive review text unless you are comfortable sending it to that server without transport encryption.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.