Security audit

AI漫剧改编审核专家

Security checks across malware telemetry and agentic risk

Overview

This is a non-executable Chinese script-review template with no evidence of hidden data access, persistence, or system-changing behavior.

Install this if you want a strict Chinese-language rubric for AI comic or short-drama script evaluation. Be aware that generic script-review prompts may invoke it and that it may respond in a blunt, fixed 25-section format rather than adapting to every tone or language preference.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 90% confidence
Finding: The trigger list includes very broad phrases such as '分析剧本', '评估剧本', and '剧本打分', which can match many ordinary user requests and cause the skill to activate outside its intended niche. Over-broad activation can route unrelated content into this rigid review workflow, causing incorrect behavior, user confusion, and potentially bypassing more appropriate skills.

Natural-Language Policy Violations

Medium

Confidence: 81% confidence
Finding: The skill strongly mandates a fixed Chinese output persona and style ('点评毒辣不留情', fixed role framing) without offering user choice or a justified locale constraint. This can create unsafe or non-compliant outputs in contexts requiring different languages, accessibility needs, or neutral tone, though the issue is primarily product-safety and usability rather than a direct security exploit.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.