产品经理技能

Security checks across malware telemetry and agentic risk

Overview

This is a Chinese product-management methodology skill with no executable code, install hooks, credential access, persistence, or hidden data handling.

Install this if you want a Chinese-language product-management aid for structured PRDs, research, stakeholder analysis, competitor analysis, and feature prioritization. If you prefer another language, state that when invoking the skill.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Natural-Language Policy Violations

Medium

Confidence: 95% confidence
Finding: The skill begins by instructing the agent to produce outputs in Chinese and is entirely written in Chinese, without indicating that the language should follow the user's preference. This can cause the agent to ignore user locale or accessibility needs, reducing usability and potentially causing misunderstanding when the requester expects another language.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal