Back to skill

Security audit

河南油田工程科技PPT生成器

Security checks across malware telemetry and agentic risk

Overview

This is a company-specific PowerPoint formatting helper with minor transparency caveats, not evidence of malicious behavior.

Install this if you want this specific Chinese company PPT template workflow. Before generating, confirm the intended output path and whether the file already exists, and make sure you also trust the separate PPT-generation skill it relies on.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
94% confidence
Finding
The manifest includes very broad trigger phrases such as “做PPT”, “生成PPT”, and “按照模板做”, which can match many ordinary user requests and cause the skill to activate in contexts broader than intended. Because the skill can read reference files and generate/write output files automatically, overbroad activation increases the chance of unintended invocation and unauthorized file-creation actions in response to generic requests.

Missing User Warnings

Low
Confidence
89% confidence
Finding
The skill explicitly writes a PPT file to a workspace path but does not clearly warn the user beforehand that a file will be created and where it will be stored. This reduces transparency and can lead to unexpected filesystem side effects, especially if the skill is triggered unintentionally due to its broad activation phrases.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.