Security audit

YiHui Agent Swarm

Security checks across malware telemetry and agentic risk

Overview

This is not malware, but it asks agents to route tasks and persist user/team memory without enough limits or user controls.

Install only if you intentionally want a multi-agent orchestration layer with persistent memory and external message routing. Before enabling it, narrow triggers, define which tasks require human approval, exclude secrets and private data from memory, replace all Feishu targets, and set a process to review or delete stored memories.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 87%
Finding
The trigger list includes broad phrases such as '编排', '角色定义', and 'task routing', which can match many ordinary conversations unrelated to this skill. In an agent platform, over-broad activation can cause unintended routing, excessive privilege exposure, or the injection of this skill's orchestration instructions into contexts where they were not requested.

Vague Triggers

Medium
Confidence: 92%
Finding
The routing rules use broad keywords like “安全”, “bug”, “判断”, and “决定”, which are common in normal conversation and can cause accidental or overly broad skill activation. In a multi-agent orchestration skill, misrouting can expose task content to the wrong agent, trigger unnecessary escalation, or expand the scope of data shared across agents and channels.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.