Security audit

AIGC佬猫剧本转提示词

Security checks across malware telemetry and agentic risk

Overview

This is a text-only skill for turning user-provided scripts into AI storyboard prompts, with no executable behavior or privileged access.

Install only if you want a Chinese-language script-to-storyboard prompt workflow. Be aware it may activate for broad script or AI-prompt requests, so check that it is being used only for screenplay/storyboard conversion, and avoid feeding scripts you do not have rights or permission to process.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 91% confidence
Finding: The activation condition is broad enough to trigger on common requests involving scripts, storyboards, animation prompts, or AI prompt generation, which can cause the skill to over-activate outside a tightly defined scope. Over-broad routing increases the chance of prompt hijacking of unrelated tasks, accidental interception of sensitive user content, or unsafe transformation of content that should have been handled by a narrower or policy-aware skill.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.