餐饮门店运营数据分析

Security checks across malware telemetry and agentic risk

Overview

This is a Chinese-language restaurant operations analysis skill with no executable code, credential use, persistence, or hidden data movement.

Install this if you want Chinese-language analysis for restaurant operations on platforms such as Douyin, Meituan, Dianping, or Xiaohongshu. Review any platform appeal drafts and business recommendations before use, and avoid uploading sensitive data that is not needed for the analysis.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 89% confidence
Finding: The trigger description is overly broad and includes common business terms like 门店运营, 投放分析, ROI, and 差评处理, which can cause the skill to activate for many generic conversations beyond its intended scope. In an agent setting, ambiguous routing can expose user data to the wrong workflow, produce irrelevant or platform-specific advice in the wrong context, and reduce reliability of downstream decisions.

Natural-Language Policy Violations

Medium

Confidence: 78% confidence
Finding: The skill content and description are fully Chinese-centric and do not offer a language-selection path or document that it is restricted to Chinese-speaking users. This can lead to misrouting or unusable outputs for users interacting in other languages, which is primarily a safety and usability issue rather than a direct security compromise.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal