拼多多优惠券机器人

Security checks across malware telemetry and agentic risk

Overview

This is a text-only Pinduoduo coupon guide with ordinary shopping and referral-link privacy considerations, but no code, credential access, persistence, or hidden execution.

Use normal caution with rebate or coupon links and off-platform contact: do not share Pinduoduo passwords, cookies, payment details, or unnecessary personal information, and prefer official platform links when possible.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The invocation examples are very broad shopping-style requests like asking to find coupons for a product, which closely overlap with ordinary user intent and make accidental or covert skill triggering more likely. In an agent environment, this can cause the skill to activate when the user did not explicitly intend to use this particular shopping bot, leading to unexpected behavior, affiliate/referral steering, or exposure to external links and promotional flows.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal