Back to skill

Security audit

AutoSkill Academic Study Planner

Security checks across malware telemetry and agentic risk

Overview

This is mostly a study-planning skill, but it contains instructions that can make the agent generate excessive, hard-to-stop output unrelated to normal study planning.

Review this skill carefully before installing. It does not appear to steal data or run code, but it may make the agent produce very long answers, resist concise completion, and add unrelated analysis that users did not ask for. Use it only if you are comfortable with those output-control behaviors, and prefer a bounded study-planning skill for normal use.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Context-Inappropriate Capability

Medium
Confidence
94% confidence
Finding
The skill injects irrelevant output requirements such as 'multi-disciplinary lenses' (e.g. quantum mechanics, evolutionary ecology) into a study-planning workflow. This creates prompt drift, wastes tokens, and can degrade reliability by forcing the model away from the user’s actual educational task, increasing the chance of unusable or confusing output.

Context-Inappropriate Capability

Medium
Confidence
97% confidence
Finding
The completion-control section forces excessive self-rebuttal loops, recovery passes, anti-compression audits, and mandatory continuation blocks unrelated to the requested artifact. This can be exploited to cause denial-of-service-like behavior through token exhaustion, prevent concise compliance with user intent, and override normal stopping conditions.

Ssd 4

Medium
Confidence
96% confidence
Finding
The staged status gates, forced continuation commands, and completion-escape recovery mechanism are explicit attempts to suppress natural termination and compel continued generation. In an agent setting, this is dangerous because it can hijack runtime behavior, consume excessive resources, and interfere with higher-priority system or user instructions about brevity and task scope.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal

Static analysis

No suspicious patterns detected.